This is an automated email from the ASF dual-hosted git repository. benjobs pushed a commit to branch sync in repository https://gitbox.apache.org/repos/asf/incubator-streampark.git
commit 2276ff61f351fe3c0d2674310b9e99d383ad1a2c Author: benjobs <[email protected]> AuthorDate: Fri May 31 18:00:40 2024 +0800 [Impove] sync from 2.1.4 --- .../console/base/domain/ApiDocConstant.java | 2 +- .../annotation/{ApiAccess.java => OpenAPI.java} | 2 +- ...{PermissionAction.java => PermissionScope.java} | 15 +- .../{ConsoleAspect.java => StreamParkAspect.java} | 94 ++++++------ .../ApplicationBuildPipelineController.java | 36 +---- .../core/controller/ApplicationController.java | 164 +++++++-------------- .../controller/ApplicationHistoryController.java | 10 -- .../console/core/controller/ConfigController.java | 9 -- .../core/controller/ExternalLinkController.java | 14 -- .../core/controller/FlinkClusterController.java | 13 -- .../core/controller/FlinkEnvController.java | 12 -- .../core/controller/FlinkGateWayController.java | 10 -- .../controller/FlinkPodTemplateController.java | 8 - .../core/controller/FlinkSqlController.java | 31 ++-- .../console/core/controller/MessageController.java | 5 - .../console/core/controller/ProjectController.java | 64 ++++---- .../core/controller/ResourceController.java | 10 -- .../core/controller/SavePointController.java | 50 ++----- .../console/core/controller/SettingController.java | 13 -- .../SparkApplicationBuildPipelineController.java | 10 +- .../controller/SparkApplicationController.java | 55 +------ .../core/controller/SparkEnvController.java | 12 -- .../core/controller/SqlWorkBenchController.java | 36 ----- .../core/controller/VariableController.java | 11 -- .../core/controller/YarnQueueController.java | 16 -- .../console/core/enums/AuthenticationType.java | 23 +++ .../console/core/enums/PermissionTypeEnum.java | 40 ----- .../console/system/authentication/JWTFilter.java | 41 ++---- .../console/system/authentication/JWTToken.java | 5 +- .../console/system/authentication/JWTUtil.java | 105 +++++++------ .../console/system/authentication/ShiroRealm.java | 30 ++-- .../system/controller/AccessTokenController.java | 3 +- .../system/controller/MemberController.java | 5 - .../console/system/controller/UserController.java | 3 - .../console/system/service/AccessTokenService.java | 4 +- .../service/impl/AccessTokenServiceImpl.java | 35 ++--- .../system/service/impl/UserServiceImpl.java | 8 +- .../core/service/AccessTokenServiceTest.java | 2 +- .../console/system/authentication/JWTTest.java | 3 + 39 files changed, 322 insertions(+), 687 deletions(-) diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/domain/ApiDocConstant.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/domain/ApiDocConstant.java index e3b9ab774..515bdec0e 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/domain/ApiDocConstant.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/domain/ApiDocConstant.java @@ -20,5 +20,5 @@ package org.apache.streampark.console.base.domain; /** Interface document constants */ public class ApiDocConstant { - public static final String FLINK_APP_OP_TAG = "FLINK_APPLICATION_OPERATION_TAG"; + public static final String OPENAPI_TAG = "OpenAPI"; } diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/annotation/ApiAccess.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/annotation/OpenAPI.java similarity index 97% rename from streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/annotation/ApiAccess.java rename to streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/annotation/OpenAPI.java index 5326c4dd8..e9f5bfdec 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/annotation/ApiAccess.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/annotation/OpenAPI.java @@ -24,6 +24,6 @@ import java.lang.annotation.Target; @Target(ElementType.METHOD) @Retention(RetentionPolicy.RUNTIME) -public @interface ApiAccess { +public @interface OpenAPI { boolean value() default true; } diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/annotation/PermissionAction.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/annotation/PermissionScope.java similarity index 75% rename from streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/annotation/PermissionAction.java rename to streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/annotation/PermissionScope.java index cca19d8a8..8ac2b6402 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/annotation/PermissionAction.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/annotation/PermissionScope.java @@ -17,21 +17,18 @@ package org.apache.streampark.console.core.annotation; -import org.apache.streampark.console.core.enums.PermissionTypeEnum; - import java.lang.annotation.ElementType; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; -/** - * In the controller({@link org.apache.streampark.console.core.controller}), If the method contains - * this annotation, it means that this method requires certain permissions to be called. - */ @Target(ElementType.METHOD) @Retention(RetentionPolicy.RUNTIME) -public @interface PermissionAction { - String id(); +public @interface PermissionScope { + + String user() default "#appId"; + + String team() default ""; - PermissionTypeEnum type(); + String app() default ""; } diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/aspect/ConsoleAspect.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/aspect/StreamParkAspect.java similarity index 67% rename from streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/aspect/ConsoleAspect.java rename to streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/aspect/StreamParkAspect.java index 4170a9a83..084a702ab 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/aspect/ConsoleAspect.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/aspect/StreamParkAspect.java @@ -19,15 +19,15 @@ package org.apache.streampark.console.core.aspect; import org.apache.streampark.console.base.domain.RestResponse; import org.apache.streampark.console.base.exception.ApiAlertException; -import org.apache.streampark.console.core.annotation.ApiAccess; -import org.apache.streampark.console.core.annotation.PermissionAction; +import org.apache.streampark.console.core.annotation.OpenAPI; +import org.apache.streampark.console.core.annotation.PermissionScope; import org.apache.streampark.console.core.entity.Application; -import org.apache.streampark.console.core.enums.PermissionTypeEnum; import org.apache.streampark.console.core.enums.UserTypeEnum; import org.apache.streampark.console.core.service.CommonService; import org.apache.streampark.console.core.service.application.ApplicationManageService; import org.apache.streampark.console.core.watcher.FlinkAppHttpWatcher; import org.apache.streampark.console.system.entity.AccessToken; +import org.apache.streampark.console.system.entity.Member; import org.apache.streampark.console.system.entity.User; import org.apache.streampark.console.system.service.MemberService; @@ -48,12 +48,10 @@ import org.springframework.expression.spel.standard.SpelExpressionParser; import org.springframework.expression.spel.support.StandardEvaluationContext; import org.springframework.stereotype.Component; -import java.util.Objects; - @Slf4j @Component @Aspect -public class ConsoleAspect { +public class StreamParkAspect { @Autowired private FlinkAppHttpWatcher flinkAppHttpWatcher; @Autowired private CommonService commonService; @@ -64,21 +62,19 @@ public class ConsoleAspect { "execution(public" + " org.apache.streampark.console.base.domain.RestResponse" + " org.apache.streampark.console.*.controller.*.*(..))") - public void apiAccess() {} + public void openAPI() {} @SuppressWarnings("checkstyle:SimplifyBooleanExpression") - @Around(value = "apiAccess()") - public RestResponse apiAccess(ProceedingJoinPoint joinPoint) throws Throwable { + @Around(value = "openAPI()") + public RestResponse openAPI(ProceedingJoinPoint joinPoint) throws Throwable { MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature(); - if (log.isDebugEnabled()) { - log.debug("restResponse aspect, method:{}", methodSignature.getName()); - } + log.debug("restResponse aspect, method:{}", methodSignature.getName()); Boolean isApi = (Boolean) SecurityUtils.getSubject().getSession().getAttribute(AccessToken.IS_API_TOKEN); - if (Objects.nonNull(isApi) && isApi) { - ApiAccess apiAccess = methodSignature.getMethod().getAnnotation(ApiAccess.class); - if (Objects.isNull(apiAccess) || !apiAccess.value()) { - throw new ApiAlertException("api accessToken authentication failed!"); + if (isApi != null && isApi) { + OpenAPI openAPI = methodSignature.getMethod().getAnnotation(OpenAPI.class); + if (openAPI == null) { + throw new ApiAlertException("current api unsupported!"); } } return (RestResponse) joinPoint.proceed(); @@ -90,22 +86,20 @@ public class ConsoleAspect { @Around("appUpdated()") public Object appUpdated(ProceedingJoinPoint joinPoint) throws Throwable { MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature(); - if (log.isDebugEnabled()) { - log.debug("appUpdated aspect, method:{}", methodSignature.getName()); - } + log.debug("appUpdated aspect, method:{}", methodSignature.getName()); Object target = joinPoint.proceed(); flinkAppHttpWatcher.init(); return target; } - @Pointcut("@annotation(org.apache.streampark.console.core.annotation.PermissionAction)") + @Pointcut("@annotation(org.apache.streampark.console.core.annotation.PermissionScope)") public void permissionAction() {} @Around("permissionAction()") public RestResponse permissionAction(ProceedingJoinPoint joinPoint) throws Throwable { MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature(); - PermissionAction permissionAction = - methodSignature.getMethod().getAnnotation(PermissionAction.class); + PermissionScope permissionScope = + methodSignature.getMethod().getAnnotation(PermissionScope.class); User currentUser = commonService.getCurrentUser(); ApiAlertException.throwIfNull(currentUser, "Permission denied, please login first."); @@ -113,40 +107,45 @@ public class ConsoleAspect { boolean isAdmin = currentUser.getUserType() == UserTypeEnum.ADMIN; if (!isAdmin) { - PermissionTypeEnum permissionTypeEnum = permissionAction.type(); - Long paramId = getParamId(joinPoint, methodSignature, permissionAction.id()); + // 1) check userId + Long userId = getId(joinPoint, methodSignature, permissionScope.user()); + ApiAlertException.throwIfTrue( + userId != null && !currentUser.getUserId().equals(userId), + "Permission denied, operations can only be performed with the permissions of the currently logged-in user."); + + // 2) check team + Long teamId = getId(joinPoint, methodSignature, permissionScope.team()); + if (teamId != null) { + Member member = memberService.getByTeamIdUserName(teamId, currentUser.getUsername()); + ApiAlertException.throwIfTrue( + member == null, + "Permission denied, only members of this team can access this permission"); + } - switch (permissionTypeEnum) { - case USER: - ApiAlertException.throwIfTrue( - !currentUser.getUserId().equals(paramId), - "Permission denied, only user himself can access this permission"); - break; - case TEAM: + // 3) check app + Long appId = getId(joinPoint, methodSignature, permissionScope.app()); + if (appId != null) { + Application app = applicationManageService.getById(appId); + ApiAlertException.throwIfTrue(app == null, "Invalid operation, application is null"); + if (!currentUser.getUserId().equals(app.getUserId())) { + Member member = + memberService.getByTeamIdUserName(app.getTeamId(), currentUser.getUsername()); ApiAlertException.throwIfTrue( - memberService.getByTeamIdUserName(paramId, currentUser.getUsername()) == null, - "Permission denied, only user belongs to this team can access this permission"); - break; - case APP: - Application app = applicationManageService.getById(paramId); - ApiAlertException.throwIfTrue(app == null, "Invalid operation, application is null"); - ApiAlertException.throwIfTrue( - memberService.getByTeamIdUserName(app.getTeamId(), currentUser.getUsername()) == null, - "Permission denied, only user belongs to this team can access this permission"); - break; - default: - throw new IllegalArgumentException( - String.format("Permission type %s is not supported.", permissionTypeEnum)); + member == null, + "Permission denied, this job not created by the current user, And the job cannot be found in the current user's team."); + } } } return (RestResponse) joinPoint.proceed(); } - private Long getParamId( - ProceedingJoinPoint joinPoint, MethodSignature methodSignature, String spELString) { + private Long getId(ProceedingJoinPoint joinPoint, MethodSignature methodSignature, String expr) { + if (StringUtils.isEmpty(expr)) { + return null; + } SpelExpressionParser parser = new SpelExpressionParser(); - Expression expression = parser.parseExpression(spELString); + Expression expression = parser.parseExpression(expr); EvaluationContext context = new StandardEvaluationContext(); Object[] args = joinPoint.getArgs(); DefaultParameterNameDiscoverer discoverer = new DefaultParameterNameDiscoverer(); @@ -159,7 +158,6 @@ public class ConsoleAspect { if (value == null || StringUtils.isBlank(value.toString())) { return null; } - try { return Long.parseLong(value.toString()); } catch (NumberFormatException e) { diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ApplicationBuildPipelineController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ApplicationBuildPipelineController.java index a692e56fa..9fb8453c4 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ApplicationBuildPipelineController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ApplicationBuildPipelineController.java @@ -17,24 +17,16 @@ package org.apache.streampark.console.core.controller; -import org.apache.streampark.console.base.domain.ApiDocConstant; import org.apache.streampark.console.base.domain.RestResponse; -import org.apache.streampark.console.core.annotation.ApiAccess; -import org.apache.streampark.console.core.annotation.PermissionAction; +import org.apache.streampark.console.core.annotation.PermissionScope; import org.apache.streampark.console.core.bean.AppBuildDockerResolvedDetail; import org.apache.streampark.console.core.entity.AppBuildPipeline; -import org.apache.streampark.console.core.enums.PermissionTypeEnum; import org.apache.streampark.console.core.service.AppBuildPipeService; import org.apache.streampark.flink.packer.pipeline.DockerResolvedSnapshot; import org.apache.streampark.flink.packer.pipeline.PipelineTypeEnum; import org.apache.shiro.authz.annotation.RequiresPermissions; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.Parameter; -import io.swagger.v3.oas.annotations.Parameters; -import io.swagger.v3.oas.annotations.media.Schema; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -46,7 +38,6 @@ import java.util.HashMap; import java.util.Map; import java.util.Optional; -@Tag(name = "FLINK_APPLICATION_BUILD_PIPELINE_TAG") @Slf4j @Validated @RestController @@ -55,27 +46,7 @@ public class ApplicationBuildPipelineController { @Autowired private AppBuildPipeService appBuildPipeService; - /** - * Release application building pipeline. - * - * @param appId application id - * @param forceBuild forced start pipeline or not - * @return Whether the pipeline was successfully started - */ - @Operation( - summary = "Release application", - tags = {ApiDocConstant.FLINK_APP_OP_TAG}) - @Parameters({ - @Parameter(name = "appId", description = "app id", required = true, example = "100000"), - @Parameter( - name = "forceBuild", - description = "force build", - required = true, - example = "false", - schema = @Schema(defaultValue = "false", implementation = boolean.class)) - }) - @ApiAccess - @PermissionAction(id = "#appId", type = PermissionTypeEnum.APP) + @PermissionScope(app = "#appId") @PostMapping(value = "build") @RequiresPermissions("app:create") public RestResponse buildApplication(Long appId, boolean forceBuild) { @@ -93,9 +64,8 @@ public class ApplicationBuildPipelineController { * @param appId application id * @return "pipeline" -> pipeline details, "docker" -> docker resolved snapshot */ - @Operation(summary = "Get application release pipeline") - @ApiAccess @PostMapping("/detail") + @PermissionScope(app = "#appId") @RequiresPermissions("app:view") public RestResponse getBuildProgressDetail(Long appId) { Map<String, Object> details = new HashMap<>(0); diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ApplicationController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ApplicationController.java index 77736db00..9665404db 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ApplicationController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ApplicationController.java @@ -23,14 +23,13 @@ import org.apache.streampark.console.base.domain.ApiDocConstant; import org.apache.streampark.console.base.domain.RestRequest; import org.apache.streampark.console.base.domain.RestResponse; import org.apache.streampark.console.base.exception.InternalException; -import org.apache.streampark.console.core.annotation.ApiAccess; import org.apache.streampark.console.core.annotation.AppUpdated; -import org.apache.streampark.console.core.annotation.PermissionAction; +import org.apache.streampark.console.core.annotation.OpenAPI; +import org.apache.streampark.console.core.annotation.PermissionScope; import org.apache.streampark.console.core.entity.Application; import org.apache.streampark.console.core.entity.ApplicationBackUp; import org.apache.streampark.console.core.entity.ApplicationLog; import org.apache.streampark.console.core.enums.AppExistsStateEnum; -import org.apache.streampark.console.core.enums.PermissionTypeEnum; import org.apache.streampark.console.core.service.ApplicationBackUpService; import org.apache.streampark.console.core.service.ApplicationLogService; import org.apache.streampark.console.core.service.ResourceService; @@ -41,13 +40,11 @@ import org.apache.streampark.console.core.service.application.ApplicationManageS import org.apache.shiro.authz.annotation.RequiresPermissions; import com.baomidou.mybatisplus.core.metadata.IPage; -import io.swagger.v3.oas.annotations.Hidden; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.Parameters; import io.swagger.v3.oas.annotations.enums.ParameterIn; import io.swagger.v3.oas.annotations.media.Schema; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -62,7 +59,6 @@ import java.io.Serializable; import java.net.URI; import java.util.Map; -@Tag(name = "FLINK_APPLICATION_TAG") @Slf4j @Validated @RestController @@ -81,18 +77,15 @@ public class ApplicationController { @Autowired private ResourceService resourceService; - @Operation(summary = "Get application") - @ApiAccess @PostMapping("get") + @PermissionScope(app = "#app.id") @RequiresPermissions("app:detail") public RestResponse get(Application app) { Application application = applicationManageService.getApp(app.getId()); return RestResponse.success(application); } - @Operation(summary = "Create application") - @ApiAccess - @PermissionAction(id = "#app.teamId", type = PermissionTypeEnum.TEAM) + @PermissionScope(team = "#app.teamId") @PostMapping("create") @RequiresPermissions("app:create") public RestResponse create(Application app) throws IOException { @@ -100,25 +93,7 @@ public class ApplicationController { return RestResponse.success(saved); } - @Operation( - summary = "Copy application", - tags = {ApiDocConstant.FLINK_APP_OP_TAG}) - @Parameters({ - @Parameter( - name = "id", - description = "copied target app id", - in = ParameterIn.QUERY, - required = true, - example = "100000"), - @Parameter( - name = "jobName", - description = "new application name", - in = ParameterIn.QUERY, - example = "copy-app"), - @Parameter(name = "args", description = "new application args", in = ParameterIn.QUERY) - }) - @ApiAccess - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) + @PermissionScope(app = "#app.id", team = "#app.teamId") @PostMapping(value = "copy") @RequiresPermissions("app:copy") public RestResponse copy(@Parameter(hidden = true) Application app) throws IOException { @@ -126,9 +101,8 @@ public class ApplicationController { return RestResponse.success(); } - @Operation(summary = "Update application") @AppUpdated - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) + @PermissionScope(app = "#app.id") @PostMapping("update") @RequiresPermissions("app:update") public RestResponse update(Application app) { @@ -136,34 +110,32 @@ public class ApplicationController { return RestResponse.success(true); } - @Operation(summary = "Get applications dashboard data") @PostMapping("dashboard") + @PermissionScope(team = "#teamId") public RestResponse dashboard(Long teamId) { Map<String, Serializable> dashboardMap = applicationInfoService.getDashboardDataMap(teamId); return RestResponse.success(dashboardMap); } - @Operation(summary = "List applications") - @ApiAccess @PostMapping("list") + @PermissionScope(team = "#app.teamId") @RequiresPermissions("app:view") public RestResponse list(Application app, RestRequest request) { IPage<Application> applicationList = applicationManageService.page(app, request); return RestResponse.success(applicationList); } - @Operation(summary = "Mapping application") @AppUpdated @PostMapping("mapping") + @PermissionScope(app = "#app.id") @RequiresPermissions("app:mapping") public RestResponse mapping(Application app) { boolean flag = applicationManageService.mapping(app); return RestResponse.success(flag); } - @Operation(summary = "Revoke application") @AppUpdated - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) + @PermissionScope(app = "#app.id") @PostMapping("revoke") @RequiresPermissions("app:release") public RestResponse revoke(Application app) { @@ -171,7 +143,7 @@ public class ApplicationController { return RestResponse.success(); } - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) + @PermissionScope(app = "#app.id", team = "#app.teamId") @PostMapping(value = "check_start") @RequiresPermissions("app:start") public RestResponse checkStart(Application app) { @@ -181,8 +153,14 @@ public class ApplicationController { @Operation( summary = "Start application", - tags = {ApiDocConstant.FLINK_APP_OP_TAG}) + tags = {ApiDocConstant.OPENAPI_TAG}) @Parameters({ + @Parameter( + name = "Authorization", + description = "Access authorization token", + in = ParameterIn.HEADER, + required = true, + schema = @Schema(implementation = String.class)), @Parameter( name = "id", description = "start app id", @@ -190,27 +168,33 @@ public class ApplicationController { required = true, example = "100000", schema = @Schema(implementation = Long.class)), + @Parameter( + name = "teamId", + description = "current user teamId", + in = ParameterIn.QUERY, + required = true, + example = "100000", + schema = @Schema(implementation = Long.class)), @Parameter( name = "savePointed", description = "restored app from the savepoint or latest checkpoint", in = ParameterIn.QUERY, - required = true, example = "false", schema = @Schema(implementation = boolean.class, defaultValue = "false")), @Parameter( name = "savePoint", description = "savepoint or checkpoint path", in = ParameterIn.QUERY, + required = false, schema = @Schema(implementation = String.class)), @Parameter( name = "allowNonRestored", description = "ignore savepoint if cannot be restored", in = ParameterIn.QUERY, - required = false, schema = @Schema(implementation = boolean.class, defaultValue = "false")) }) - @ApiAccess - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) + @OpenAPI + @PermissionScope(app = "#app.id", team = "#app.teamId") @PostMapping(value = "start") @RequiresPermissions("app:start") public RestResponse start(@Parameter(hidden = true) Application app) { @@ -224,9 +208,15 @@ public class ApplicationController { @Operation( summary = "Cancel application", - tags = {ApiDocConstant.FLINK_APP_OP_TAG}) - @ApiAccess + tags = {ApiDocConstant.OPENAPI_TAG}) + @OpenAPI @Parameters({ + @Parameter( + name = "Authorization", + description = "Access authorization token", + in = ParameterIn.HEADER, + required = true, + schema = @Schema(implementation = String.class)), @Parameter( name = "id", description = "cancel app id", @@ -234,11 +224,17 @@ public class ApplicationController { required = true, example = "100000", schema = @Schema(implementation = Long.class)), + @Parameter( + name = "teamId", + description = "current user teamId", + in = ParameterIn.QUERY, + required = true, + example = "100000", + schema = @Schema(implementation = Long.class)), @Parameter( name = "savePointed", description = "trigger savepoint before taking stopping", in = ParameterIn.QUERY, - required = true, schema = @Schema(implementation = boolean.class, defaultValue = "false")), @Parameter( name = "savePoint", @@ -250,18 +246,10 @@ public class ApplicationController { name = "drain", description = "send max watermark before canceling", in = ParameterIn.QUERY, - required = true, - example = "false", - schema = @Schema(implementation = boolean.class, defaultValue = "false")), - @Parameter( - name = "nativeFormat", - description = "use savepoint native format", - in = ParameterIn.QUERY, - required = true, example = "false", schema = @Schema(implementation = boolean.class, defaultValue = "false")) }) - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) + @PermissionScope(app = "#app.id", team = "#app.teamId") @PostMapping(value = "cancel") @RequiresPermissions("app:cancel") public RestResponse cancel(@Parameter(hidden = true) Application app) throws Exception { @@ -269,20 +257,8 @@ public class ApplicationController { return RestResponse.success(); } - @Operation(summary = "Clean application") - @AppUpdated - @ApiAccess - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) - @PostMapping("clean") - @RequiresPermissions("app:clean") - public RestResponse clean(Application app) { - applicationManageService.clean(app); - return RestResponse.success(true); - } - /** force stop(stop normal start or in progress) */ - @Operation(summary = "Force stop application") - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) + @PermissionScope(app = "#app.id") @PostMapping("forcedStop") @RequiresPermissions("app:cancel") public RestResponse forcedStop(Application app) { @@ -290,56 +266,53 @@ public class ApplicationController { return RestResponse.success(); } - @Operation(summary = "Get application on yarn proxy address") @PostMapping("yarn") public RestResponse yarn() { return RestResponse.success(YarnUtils.getRMWebAppProxyURL()); } - @Operation(summary = "Get application on yarn name") @PostMapping("name") + @PermissionScope(app = "#app.id", team = "#app.teamId") public RestResponse yarnName(Application app) { String yarnName = applicationInfoService.getYarnName(app.getConfig()); return RestResponse.success(yarnName); } - @Operation(summary = "Check the application exist status") @PostMapping("checkName") + @PermissionScope(app = "#app.id", team = "#app.teamId") public RestResponse checkName(Application app) { AppExistsStateEnum exists = applicationInfoService.checkExists(app); return RestResponse.success(exists.get()); } - @Operation(summary = "Get application conf") @PostMapping("readConf") public RestResponse readConf(Application app) throws IOException { String config = applicationInfoService.readConf(app.getConfig()); return RestResponse.success(config); } - @Operation(summary = "Get application main-class") @PostMapping("main") + @PermissionScope(app = "#app.id", team = "#app.teamId") public RestResponse getMain(Application application) { String mainClass = applicationInfoService.getMain(application); return RestResponse.success(mainClass); } - @Operation(summary = "List application backups") @PostMapping("backups") + @PermissionScope(app = "#backUp.appId", team = "#backUp.teamId") public RestResponse backups(ApplicationBackUp backUp, RestRequest request) { IPage<ApplicationBackUp> backups = backUpService.getPage(backUp, request); return RestResponse.success(backups); } - @Operation(summary = "List application operation logs") @PostMapping("optionlog") - public RestResponse optionlog(ApplicationLog applicationLog, RestRequest request) { + @PermissionScope(app = "#log.appId", team = "#log.teamId") + public RestResponse log(ApplicationLog applicationLog, RestRequest request) { IPage<ApplicationLog> applicationList = applicationLogService.getPage(applicationLog, request); return RestResponse.success(applicationList); } - @Operation(summary = "Delete application operation log") - @PermissionAction(id = "#applicationLog.appId", type = PermissionTypeEnum.APP) + @PermissionScope(app = "#log.appId", team = "#log.teamId") @PostMapping("deleteOperationLog") @RequiresPermissions("app:delete") public RestResponse deleteOperationLog(Long id) { @@ -347,8 +320,7 @@ public class ApplicationController { return RestResponse.success(deleted); } - @Operation(summary = "Delete application") - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) + @PermissionScope(app = "#app.id", team = "#app.teamId") @PostMapping("delete") @RequiresPermissions("app:delete") public RestResponse delete(Application app) throws InternalException { @@ -356,15 +328,13 @@ public class ApplicationController { return RestResponse.success(deleted); } - @Operation(summary = "Backup application when deleted") - @PermissionAction(id = "#backUp.appId", type = PermissionTypeEnum.APP) + @PermissionScope(app = "#backUp.appId") @PostMapping("deletebak") public RestResponse deleteBak(ApplicationBackUp backUp) throws InternalException { Boolean deleted = backUpService.removeById(backUp.getId()); return RestResponse.success(deleted); } - @Operation(summary = "Check the application jar") @PostMapping("checkjar") public RestResponse checkjar(String jar) { File file = new File(jar); @@ -376,7 +346,6 @@ public class ApplicationController { } } - @Operation(summary = "Upload the application jar") @PostMapping("upload") @RequiresPermissions("app:create") public RestResponse upload(MultipartFile file) throws Exception { @@ -384,7 +353,6 @@ public class ApplicationController { return RestResponse.success(uploadPath); } - @Hidden @PostMapping("verifySchema") public RestResponse verifySchema(String path) { final URI uri = URI.create(path); @@ -407,8 +375,8 @@ public class ApplicationController { return restResponse; } - @Operation(summary = "Check the application savepoint path") @PostMapping("checkSavepointPath") + @PermissionScope(app = "#app.id", team = "#app.teamId") public RestResponse checkSavepointPath(Application app) throws Exception { String error = applicationInfoService.checkSavepointPath(app); if (error == null) { @@ -417,27 +385,7 @@ public class ApplicationController { return RestResponse.success(false).message(error); } - @Operation(summary = "Get application on k8s deploy logs") - @Parameters({ - @Parameter( - name = "id", - description = "app id", - required = true, - example = "100000", - schema = @Schema(implementation = Long.class)), - @Parameter( - name = "offset", - description = "number of log lines offset", - required = true, - example = "0", - schema = @Schema(implementation = int.class)), - @Parameter( - name = "limit", - description = "number of log lines loaded at once", - required = true, - example = "100", - schema = @Schema(implementation = int.class)), - }) + @PermissionScope(app = "#id") @PostMapping(value = "k8sStartLog") public RestResponse k8sStartLog(Long id, Integer offset, Integer limit) throws Exception { String resp = applicationInfoService.k8sStartLog(id, offset, limit); diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ApplicationHistoryController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ApplicationHistoryController.java index 5b3c756e0..015244c6e 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ApplicationHistoryController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ApplicationHistoryController.java @@ -23,8 +23,6 @@ import org.apache.streampark.console.core.service.application.ApplicationInfoSer import org.apache.shiro.authz.annotation.RequiresPermissions; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -35,7 +33,6 @@ import org.springframework.web.bind.annotation.RestController; import java.util.ArrayList; import java.util.List; -@Tag(name = "FLINK_APPLICATION_HISTORY_TAG") @Slf4j @Validated @RestController @@ -44,7 +41,6 @@ public class ApplicationHistoryController { @Autowired private ApplicationInfoService applicationInfoService; - @Operation(summary = "List the upload jar history records") @PostMapping("uploadJars") @RequiresPermissions("app:create") public RestResponse listUploadJars() { @@ -52,7 +48,6 @@ public class ApplicationHistoryController { return RestResponse.success(jars); } - @Operation(summary = "List the k8s namespace history records") @PostMapping("k8sNamespaces") @RequiresPermissions("app:create") public RestResponse listK8sNamespace() { @@ -60,7 +55,6 @@ public class ApplicationHistoryController { return RestResponse.success(namespaces); } - @Operation(summary = "List the session cluster history records") @PostMapping("sessionClusterIds") @RequiresPermissions("app:create") public RestResponse listSessionClusterId(int executionMode) { @@ -78,7 +72,6 @@ public class ApplicationHistoryController { return RestResponse.success(clusterIds); } - @Operation(summary = "List the flink base image history records") @PostMapping("flinkBaseImages") @RequiresPermissions("app:create") public RestResponse listFlinkBaseImage() { @@ -86,7 +79,6 @@ public class ApplicationHistoryController { return RestResponse.success(images); } - @Operation(summary = "List the flink pod template history records") @PostMapping("flinkPodTemplates") @RequiresPermissions("app:create") public RestResponse listPodTemplate() { @@ -94,7 +86,6 @@ public class ApplicationHistoryController { return RestResponse.success(templates); } - @Operation(summary = "List the flink JM pod template history records") @PostMapping("flinkJmPodTemplates") @RequiresPermissions("app:create") public RestResponse listJmPodTemplate() { @@ -102,7 +93,6 @@ public class ApplicationHistoryController { return RestResponse.success(templates); } - @Operation(summary = "List the flink TM pod template history records") @PostMapping("flinkTmPodTemplates") @RequiresPermissions("app:create") public RestResponse listTmPodTemplate() { diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ConfigController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ConfigController.java index 06e1c167c..20fea6ff0 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ConfigController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ConfigController.java @@ -28,8 +28,6 @@ import org.apache.shiro.authz.annotation.RequiresPermissions; import com.baomidou.mybatisplus.core.metadata.IPage; import com.google.common.collect.ImmutableMap; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -40,7 +38,6 @@ import org.springframework.web.bind.annotation.RestController; import java.util.List; import java.util.Map; -@Tag(name = "CONFIG_TAG") @Slf4j @Validated @RestController @@ -49,35 +46,30 @@ public class ConfigController { @Autowired private ApplicationConfigService applicationConfigService; - @Operation(summary = "Get config") @PostMapping("get") public RestResponse get(Long id) { ApplicationConfig config = applicationConfigService.get(id); return RestResponse.success(config); } - @Operation(summary = "Get the flink application conf-template") @PostMapping("template") public RestResponse template() { String config = applicationConfigService.readTemplate(); return RestResponse.success(config); } - @Operation(summary = "List the application configs") @PostMapping("list") public RestResponse list(ApplicationConfig config, RestRequest request) { IPage<ApplicationConfig> page = applicationConfigService.getPage(config, request); return RestResponse.success(page); } - @Operation(summary = "List application config histories") @PostMapping("history") public RestResponse history(Application application) { List<ApplicationConfig> history = applicationConfigService.list(application.getId()); return RestResponse.success(history); } - @Operation(summary = "Delete config") @PostMapping("delete") @RequiresPermissions("conf:delete") public RestResponse delete(Long id) { @@ -85,7 +77,6 @@ public class ConfigController { return RestResponse.success(deleted); } - @Operation(summary = "Get system hadoop configs") @PostMapping("sysHadoopConf") @RequiresPermissions("app:create") public RestResponse getSystemHadoopConfig() { diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ExternalLinkController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ExternalLinkController.java index 22076c597..00d99de73 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ExternalLinkController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ExternalLinkController.java @@ -24,10 +24,6 @@ import org.apache.streampark.console.core.service.ExternalLinkService; import org.apache.shiro.authz.annotation.RequiresPermissions; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.Parameter; -import io.swagger.v3.oas.annotations.Parameters; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -42,7 +38,6 @@ import javax.validation.constraints.NotNull; import java.util.List; -@Tag(name = "FLINK_EXTERNAL_LINK_TAG") @Slf4j @Validated @RestController @@ -51,7 +46,6 @@ public class ExternalLinkController { @Autowired private ExternalLinkService externalLinkService; - @Operation(summary = "List external link") @PostMapping("/list") @RequiresPermissions("externalLink:view") public RestResponse list() { @@ -59,10 +53,6 @@ public class ExternalLinkController { return RestResponse.success(externalLink); } - @Operation( - summary = "Get the application external links", - description = "Render external link by app id") - @Parameters({@Parameter(name = "appId", required = true, example = "100000")}) @PostMapping("/render") public RestResponse render( @NotNull(message = "The flink app id cannot be null") @RequestParam("appId") Long appId) { @@ -70,7 +60,6 @@ public class ExternalLinkController { return RestResponse.success(renderedExternalLink); } - @Operation(summary = "Create external link") @PostMapping("/create") @RequiresPermissions("externalLink:create") public RestResponse create(@Valid ExternalLink externalLink) { @@ -78,7 +67,6 @@ public class ExternalLinkController { return RestResponse.success(); } - @Operation(summary = "Update external link") @PostMapping("/update") @RequiresPermissions("externalLink:update") public RestResponse update(@Valid ExternalLink externalLink) { @@ -87,8 +75,6 @@ public class ExternalLinkController { return RestResponse.success(); } - @Operation(summary = "Delete external link") - @Parameters({@Parameter(name = "appId", required = true, example = "100000")}) @DeleteMapping("/delete") @RequiresPermissions("externalLink:delete") public RestResponse delete( diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkClusterController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkClusterController.java index 27b0b80aa..71b297d67 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkClusterController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkClusterController.java @@ -26,8 +26,6 @@ import org.apache.streampark.console.core.service.FlinkClusterService; import org.apache.shiro.authz.annotation.RequiresPermissions; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -37,7 +35,6 @@ import org.springframework.web.bind.annotation.RestController; import java.util.List; -@Tag(name = "FLINK_CLUSTER_TAG") @Slf4j @Validated @RestController @@ -46,35 +43,30 @@ public class FlinkClusterController { @Autowired private FlinkClusterService flinkClusterService; - @Operation(summary = "List flink clusters that are eligible") @PostMapping("availableList") public RestResponse listAvailableCluster() { List<FlinkCluster> flinkClusters = flinkClusterService.listAvailableCluster(); return RestResponse.success(flinkClusters); } - @Operation(summary = "List flink clusters") @PostMapping("list") public RestResponse list() { List<FlinkCluster> flinkClusters = flinkClusterService.list(); return RestResponse.success(flinkClusters); } - @Operation(summary = "Get flink cluster remote address") @PostMapping("remoteUrl") public RestResponse remoteUrl(Long id) { FlinkCluster cluster = flinkClusterService.getById(id); return RestResponse.success(cluster.getAddress()); } - @Operation(summary = "Check the cluster status") @PostMapping("check") public RestResponse check(FlinkCluster cluster) { ResponseResult checkResult = flinkClusterService.check(cluster); return RestResponse.success(checkResult); } - @Operation(summary = "Create flink cluster") @PostMapping("create") @RequiresPermissions("cluster:create") public RestResponse create(FlinkCluster cluster) { @@ -82,7 +74,6 @@ public class FlinkClusterController { return RestResponse.success(success); } - @Operation(summary = "Update flink cluster") @PostMapping("update") @RequiresPermissions("cluster:update") public RestResponse update(FlinkCluster cluster) { @@ -90,14 +81,12 @@ public class FlinkClusterController { return RestResponse.success(); } - @Operation(summary = "Get flink cluster") @PostMapping("get") public RestResponse get(Long id) throws InternalException { FlinkCluster cluster = flinkClusterService.getById(id); return RestResponse.success(cluster); } - @Operation(summary = "Start flink cluster") @PostMapping("start") public RestResponse start(FlinkCluster cluster) { flinkClusterService.updateClusterState(cluster.getId(), ClusterState.STARTING); @@ -105,7 +94,6 @@ public class FlinkClusterController { return RestResponse.success(); } - @Operation(summary = "Shutdown flink cluster") @PostMapping("shutdown") public RestResponse shutdown(FlinkCluster cluster) { if (flinkClusterService.allowShutdownCluster(cluster)) { @@ -115,7 +103,6 @@ public class FlinkClusterController { return RestResponse.success(); } - @Operation(summary = "Delete flink cluster") @PostMapping("delete") public RestResponse delete(FlinkCluster cluster) { flinkClusterService.remove(cluster.getId()); diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkEnvController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkEnvController.java index a4a663b81..e7c0e51b5 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkEnvController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkEnvController.java @@ -23,8 +23,6 @@ import org.apache.streampark.console.core.entity.FlinkEnv; import org.apache.streampark.console.core.enums.FlinkEnvCheckEnum; import org.apache.streampark.console.core.service.FlinkEnvService; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -34,7 +32,6 @@ import org.springframework.web.bind.annotation.RestController; import java.util.List; -@Tag(name = "FLINK_ENV_TAG") @Slf4j @Validated @RestController @@ -43,21 +40,18 @@ public class FlinkEnvController { @Autowired private FlinkEnvService flinkEnvService; - @Operation(summary = "Get flink environment") @PostMapping("list") public RestResponse list() { List<FlinkEnv> flinkEnvList = flinkEnvService.list(); return RestResponse.success(flinkEnvList); } - @Operation(summary = "Verify flink environment") @PostMapping("check") public RestResponse check(FlinkEnv version) { FlinkEnvCheckEnum checkResp = flinkEnvService.check(version); return RestResponse.success(checkResp.getCode()); } - @Operation(summary = "Create flink environment") @PostMapping("create") public RestResponse create(FlinkEnv version) { try { @@ -68,7 +62,6 @@ public class FlinkEnvController { return RestResponse.success(true); } - @Operation(summary = "Get flink environment") @PostMapping("get") public RestResponse get(Long id) throws Exception { FlinkEnv flinkEnv = flinkEnvService.getById(id); @@ -76,14 +69,12 @@ public class FlinkEnvController { return RestResponse.success(flinkEnv); } - @Operation(summary = "Sync flink environment conf") @PostMapping("sync") public RestResponse sync(Long id) throws Exception { flinkEnvService.syncConf(id); return RestResponse.success(); } - @Operation(summary = "Update flink environment") @PostMapping("update") public RestResponse update(FlinkEnv version) throws Exception { try { @@ -94,21 +85,18 @@ public class FlinkEnvController { return RestResponse.success(true); } - @Operation(summary = "Delete flink environment") @PostMapping("delete") public RestResponse delete(Long id) { flinkEnvService.removeById(id); return RestResponse.success(); } - @Operation(summary = "Check flink environment is valid, else throw exception") @PostMapping("validity") public RestResponse validity(FlinkEnv version) { flinkEnvService.validity(version.getId()); return RestResponse.success(true); } - @Operation(summary = "Update flink environment as default") @PostMapping("default") public RestResponse setDefault(Long id) { flinkEnvService.setDefault(id); diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkGateWayController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkGateWayController.java index 6f0e0ec4f..de8157de4 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkGateWayController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkGateWayController.java @@ -22,8 +22,6 @@ import org.apache.streampark.console.core.entity.FlinkGateWay; import org.apache.streampark.console.core.enums.GatewayTypeEnum; import org.apache.streampark.console.core.service.FlinkGateWayService; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.validation.annotation.Validated; @@ -39,7 +37,6 @@ import org.springframework.web.bind.annotation.RestController; import javax.validation.constraints.NotNull; -@Tag(name = "FLINK_GATEWAY_TAG") @Slf4j @Validated @RestController @@ -49,27 +46,23 @@ public class FlinkGateWayController { private final FlinkGateWayService flinkGatewayService; - @Operation(summary = "List flink gateways") @GetMapping("list") public RestResponse list() { return RestResponse.success(flinkGatewayService.list()); } - @Operation(summary = "Create flink gateway") @PostMapping("create") public RestResponse create(@RequestBody FlinkGateWay flinkGateWay) { flinkGatewayService.create(flinkGateWay); return RestResponse.success(); } - @Operation(summary = "Check flink gateway name") @GetMapping("check/name") public RestResponse checkName( @NotNull(message = "The Gateway name cannot be null") @RequestParam("name") String name) { return RestResponse.success(flinkGatewayService.existsByGatewayName(name)); } - @Operation(summary = "Check flink gateway address") @GetMapping("check/address") public RestResponse checkAddress( @NotNull(message = "The Gateway address cannot be null") @RequestParam("address") @@ -79,20 +72,17 @@ public class FlinkGateWayController { return RestResponse.success(gatewayVersion); } - @Operation(summary = "Update flink gateway") @PutMapping("update") public RestResponse update(@RequestBody FlinkGateWay flinkGateWay) { flinkGatewayService.update(flinkGateWay); return RestResponse.success(); } - @Operation(summary = "Get flink gateway by id") @GetMapping("get/{id}") public RestResponse get(@PathVariable Long id) { return RestResponse.success(flinkGatewayService.getById(id)); } - @Operation(summary = "Delete flink gateway by id") @DeleteMapping("delete") public RestResponse delete( @NotNull(message = "The Gateway id cannot be null") @RequestParam("id") Long id) { diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkPodTemplateController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkPodTemplateController.java index 9b7805ac8..28c5d5e59 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkPodTemplateController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkPodTemplateController.java @@ -23,8 +23,6 @@ import org.apache.streampark.flink.kubernetes.PodTemplateParser; import org.apache.commons.lang3.StringUtils; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.PostMapping; @@ -37,14 +35,12 @@ import java.util.List; import java.util.Map; import java.util.stream.Collectors; -@Tag(name = "FLINK_POD_TEMPLATE_TAG") @Slf4j @Validated @RestController @RequestMapping("flink/podtmpl") public class FlinkPodTemplateController { - @Operation(summary = "Get system hosts") @PostMapping("sysHosts") public RestResponse getHosts() { // hostname -> ipv4 @@ -56,14 +52,12 @@ public class FlinkPodTemplateController { return RestResponse.success(friendlyHosts); } - @Operation(summary = "Get initial pod template") @PostMapping("init") public RestResponse getInitContent() { return RestResponse.success(PodTemplateParser.getInitPodTemplateContent()); } /** @param hosts hostname:ipv4,hostname:ipv4,hostname:ipv4... */ - @Operation(summary = "Get pod template of complete host-alias") @PostMapping("compHostAlias") public RestResponse completeHostAlias(String hosts, String podTemplate) { Map<String, String> hostMap = covertHostsParamToMap(hosts); @@ -85,7 +79,6 @@ public class FlinkPodTemplateController { .collect(Collectors.toMap(arr -> arr[0], arr -> arr[1])); } - @Operation(summary = "Extract host-alias from pod template") @PostMapping("extractHostAlias") public RestResponse extractHostAlias(String podTemplate) { Map<String, String> hosts = PodTemplateParser.extractHostAliasMap(podTemplate); @@ -97,7 +90,6 @@ public class FlinkPodTemplateController { } /** @param hosts hostname:ipv4,hostname:ipv4,hostname:ipv4... */ - @Operation(summary = "Preview pod template with host-alias") @PostMapping("previewHostAlias") public RestResponse previewHostAlias(String hosts) { Map<String, String> hostMap = covertHostsParamToMap(hosts); diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkSqlController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkSqlController.java index e3dba3689..b78e5084b 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkSqlController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/FlinkSqlController.java @@ -19,7 +19,9 @@ package org.apache.streampark.console.core.controller; import org.apache.streampark.console.base.domain.RestRequest; import org.apache.streampark.console.base.domain.RestResponse; +import org.apache.streampark.console.base.exception.ApiAlertException; import org.apache.streampark.console.base.exception.InternalException; +import org.apache.streampark.console.core.annotation.PermissionScope; import org.apache.streampark.console.core.entity.Application; import org.apache.streampark.console.core.entity.FlinkSql; import org.apache.streampark.console.core.service.FlinkSqlService; @@ -30,8 +32,6 @@ import org.apache.streampark.flink.core.FlinkSqlValidationResult; import org.apache.shiro.authz.annotation.RequiresPermissions; import com.baomidou.mybatisplus.core.metadata.IPage; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -43,7 +43,6 @@ import javax.validation.constraints.NotNull; import java.util.List; -@Tag(name = "FLINK_SQL_TAG") @Slf4j @Validated @RestController @@ -60,7 +59,6 @@ public class FlinkSqlController { @Autowired private SqlCompleteService sqlComplete; - @Operation(summary = "Verify sql") @PostMapping("verify") public RestResponse verify(String sql, Long versionId, Long teamId) { sql = variableService.replaceVariable(teamId, sql); @@ -86,24 +84,26 @@ public class FlinkSqlController { return RestResponse.success(true); } - @Operation(summary = "List the application sql") @PostMapping("list") - public RestResponse list(Long appId, RestRequest request) { - IPage<FlinkSql> page = flinkSqlService.getPage(appId, request); + @PermissionScope(app = "#flinkSql.appId", team = "#flinkSql.teamId") + public RestResponse list(FlinkSql flinkSql, RestRequest request) { + IPage<FlinkSql> page = flinkSqlService.getPage(flinkSql.getAppId(), request); return RestResponse.success(page); } - @Operation(summary = "Delete sql") @PostMapping("delete") @RequiresPermissions("sql:delete") - public RestResponse delete(Long id) { - Boolean deleted = flinkSqlService.removeById(id); + @PermissionScope(app = "#flinkSql.appId", team = "#flinkSql.teamId") + public RestResponse delete(FlinkSql flinkSql) { + Boolean deleted = flinkSqlService.removeById(flinkSql.getSql()); return RestResponse.success(deleted); } - @Operation(summary = "List sql by ids") @PostMapping("get") - public RestResponse get(String id) throws InternalException { + @PermissionScope(app = "#appId", team = "#teamId") + public RestResponse get(Long appId, Long teamId, String id) throws InternalException { + ApiAlertException.throwIfTrue( + appId == null || teamId == null, "Permission denied, appId and teamId cannot be null"); String[] array = id.split(","); FlinkSql flinkSql1 = flinkSqlService.getById(array[0]); flinkSql1.base64Encode(); @@ -115,14 +115,13 @@ public class FlinkSqlController { return RestResponse.success(new FlinkSql[] {flinkSql1, flinkSql2}); } - @Operation(summary = "List the applications sql histories") @PostMapping("history") - public RestResponse sqlhistory(Application application) { - List<FlinkSql> sqlList = flinkSqlService.listFlinkSqlHistory(application.getId()); + @PermissionScope(app = "#app.id", team = "#app.teamId") + public RestResponse sqlhistory(Application app) { + List<FlinkSql> sqlList = flinkSqlService.listFlinkSqlHistory(app.getId()); return RestResponse.success(sqlList); } - @Operation(summary = "Get the complete sql") @PostMapping("sqlComplete") public RestResponse getSqlComplete(@NotNull(message = "{required}") String sql) { return RestResponse.success().put("word", sqlComplete.getComplete(sql)); diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/MessageController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/MessageController.java index e0bfaf28b..4f566dcb3 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/MessageController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/MessageController.java @@ -24,8 +24,6 @@ import org.apache.streampark.console.core.enums.NoticeTypeEnum; import org.apache.streampark.console.core.service.MessageService; import com.baomidou.mybatisplus.core.metadata.IPage; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -33,7 +31,6 @@ import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; -@Tag(name = "MESSAGE_TAG") @Slf4j @Validated @RestController @@ -42,7 +39,6 @@ public class MessageController { @Autowired private MessageService messageService; - @Operation(summary = "List notices") @PostMapping("notice") public RestResponse notice(Integer type, RestRequest request) { NoticeTypeEnum noticeTypeEnum = NoticeTypeEnum.of(type); @@ -50,7 +46,6 @@ public class MessageController { return RestResponse.success(pages); } - @Operation(summary = "Delete notice") @PostMapping("delnotice") public RestResponse delNotice(Long id) { return RestResponse.success(messageService.removeById(id)); diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ProjectController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ProjectController.java index 191e8ae83..d63aeae36 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ProjectController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ProjectController.java @@ -21,6 +21,7 @@ import org.apache.streampark.console.base.domain.RestRequest; import org.apache.streampark.console.base.domain.RestResponse; import org.apache.streampark.console.base.exception.ApiAlertException; import org.apache.streampark.console.core.annotation.AppUpdated; +import org.apache.streampark.console.core.annotation.PermissionScope; import org.apache.streampark.console.core.entity.Project; import org.apache.streampark.console.core.enums.GitAuthorizedErrorEnum; import org.apache.streampark.console.core.service.ProjectService; @@ -28,8 +29,6 @@ import org.apache.streampark.console.core.service.ProjectService; import org.apache.shiro.authz.annotation.RequiresPermissions; import com.baomidou.mybatisplus.core.metadata.IPage; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -42,7 +41,6 @@ import java.util.Collections; import java.util.List; import java.util.Map; -@Tag(name = "PROJECT_TAG") @Slf4j @Validated @RestController @@ -51,8 +49,8 @@ public class ProjectController { @Autowired private ProjectService projectService; - @Operation(summary = "Create project") @PostMapping("create") + @PermissionScope(team = "#project.teamId") @RequiresPermissions("project:create") public RestResponse create(Project project) { ApiAlertException.throwIfNull( @@ -60,40 +58,42 @@ public class ProjectController { return projectService.create(project); } - @Operation(summary = "Update project") @AppUpdated @PostMapping("update") @RequiresPermissions("project:update") + @PermissionScope(team = "#project.teamId") public RestResponse update(Project project) { boolean update = projectService.update(project); return RestResponse.success().data(update); } - @Operation(summary = "Get project") @PostMapping("get") - public RestResponse get(Long id) { - return RestResponse.success().data(projectService.getById(id)); + @PermissionScope(team = "#project.teamId") + public RestResponse get(Project project) { + return RestResponse.success().data(projectService.getById(project.getId())); } - @Operation(summary = "Build project") @PostMapping("build") @RequiresPermissions("project:build") - public RestResponse build(Long id) throws Exception { - projectService.build(id); + @PermissionScope(team = "#project.teamId") + public RestResponse build(Project project) throws Exception { + projectService.build(project.getId()); return RestResponse.success(); } - @Operation(summary = "Get project build logs") @PostMapping("buildlog") @RequiresPermissions("project:build") + @PermissionScope(team = "#teamId") public RestResponse buildLog( - Long id, @RequestParam(value = "startOffset", required = false) Long startOffset) { + Long id, + @RequestParam(value = "startOffset", required = false) Long startOffset, + Long teamId) { return projectService.getBuildLog(id, startOffset); } - @Operation(summary = "List projects") @PostMapping("list") @RequiresPermissions("project:view") + @PermissionScope(team = "#project.teamId") public RestResponse list(Project project, RestRequest restRequest) { if (project.getTeamId() == null) { return RestResponse.success(Collections.emptyList()); @@ -102,60 +102,60 @@ public class ProjectController { return RestResponse.success().data(page); } - @Operation(summary = "List git project branches") @PostMapping("branches") + @PermissionScope(team = "#project.teamId") public RestResponse branches(Project project) { - List<String> branches = projectService.getAllBranches(project); + List<String> branches = project.getAllBranches(); return RestResponse.success().data(branches); } - @Operation(summary = "Delete project") @PostMapping("delete") @RequiresPermissions("project:delete") - public RestResponse delete(Long id) { - Boolean deleted = projectService.removeById(id); + @PermissionScope(team = "#project.teamId") + public RestResponse delete(Project project) { + Boolean deleted = projectService.removeById(project.getId()); return RestResponse.success().data(deleted); } - @Operation(summary = "Authenticate git project") @PostMapping("gitcheck") + @PermissionScope(team = "#project.teamId") public RestResponse gitCheck(Project project) { - GitAuthorizedErrorEnum error = projectService.gitCheck(project); + GitAuthorizedErrorEnum error = project.gitCheck(); return RestResponse.success().data(error.getType()); } - @Operation(summary = "Check the project") @PostMapping("exists") + @PermissionScope(team = "#project.teamId") public RestResponse exists(Project project) { boolean exists = projectService.exists(project); return RestResponse.success().data(exists); } - @Operation(summary = "List project modules") @PostMapping("modules") - public RestResponse modules(Long id) { - List<String> result = projectService.listModules(id); + @PermissionScope(team = "#project.teamId") + public RestResponse modules(Project project) { + List<String> result = projectService.listModules(project.getId()); return RestResponse.success().data(result); } - @Operation(summary = "List project jars") @PostMapping("jars") + @PermissionScope(team = "#project.teamId") public RestResponse jars(Project project) { List<String> result = projectService.listJars(project); return RestResponse.success().data(result); } - @Operation(summary = "List project configurations") @PostMapping("listconf") + @PermissionScope(team = "#project.teamId") public RestResponse listConf(Project project) { - List<Map<String, Object>> confList = projectService.listConf(project); - return RestResponse.success().data(confList); + List<Map<String, Object>> list = projectService.listConf(project); + return RestResponse.success().data(list); } - @Operation(summary = "List the team projects") @PostMapping("select") + @PermissionScope(team = "#teamId") public RestResponse select(@RequestParam Long teamId) { - List<Project> projectList = projectService.listByTeamId(teamId); - return RestResponse.success().data(projectList); + List<Project> list = projectService.listByTeamId(teamId); + return RestResponse.success().data(list); } } diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ResourceController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ResourceController.java index c2761e0bc..fab860df6 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ResourceController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/ResourceController.java @@ -25,8 +25,6 @@ import org.apache.streampark.console.core.service.ResourceService; import org.apache.shiro.authz.annotation.RequiresPermissions; import com.baomidou.mybatisplus.core.metadata.IPage; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -42,7 +40,6 @@ import javax.validation.Valid; import java.util.List; -@Tag(name = "RESOURCE_TAG") @Slf4j @Validated @RestController @@ -51,7 +48,6 @@ public class ResourceController { @Autowired private ResourceService resourceService; - @Operation(summary = "add resource") @PostMapping("add") @RequiresPermissions("resource:add") public RestResponse addResource(@Valid Resource resource) throws Exception { @@ -59,20 +55,17 @@ public class ResourceController { return RestResponse.success(); } - @Operation(summary = "check resource") @PostMapping("check") public RestResponse checkResource(@Valid Resource resource) throws Exception { return this.resourceService.checkResource(resource); } - @Operation(summary = "List resources") @PostMapping("page") public RestResponse page(RestRequest restRequest, Resource resource) { IPage<Resource> page = resourceService.getPage(resource, restRequest); return RestResponse.success(page); } - @Operation(summary = "Update resource") @PutMapping("update") @RequiresPermissions("resource:update") public RestResponse updateResource(@Valid Resource resource) { @@ -80,7 +73,6 @@ public class ResourceController { return RestResponse.success(); } - @Operation(summary = "Delete resource") @DeleteMapping("delete") @RequiresPermissions("resource:delete") public RestResponse deleteResource(@Valid Resource resource) { @@ -88,14 +80,12 @@ public class ResourceController { return RestResponse.success(); } - @Operation(summary = "List resource") @PostMapping("list") public RestResponse listResource(@RequestParam Long teamId) { List<Resource> resourceList = resourceService.listByTeamId(teamId); return RestResponse.success(resourceList); } - @Operation(summary = "Upload the resource jar") @PostMapping("upload") @RequiresPermissions("resource:add") public RestResponse upload(MultipartFile file) throws Exception { diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SavePointController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SavePointController.java index e228b838e..18529a3dc 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SavePointController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SavePointController.java @@ -20,7 +20,7 @@ package org.apache.streampark.console.core.controller; import org.apache.streampark.console.base.domain.RestRequest; import org.apache.streampark.console.base.domain.RestResponse; import org.apache.streampark.console.base.exception.InternalException; -import org.apache.streampark.console.core.annotation.ApiAccess; +import org.apache.streampark.console.core.annotation.PermissionScope; import org.apache.streampark.console.core.entity.Application; import org.apache.streampark.console.core.entity.SavePoint; import org.apache.streampark.console.core.service.SavePointService; @@ -29,11 +29,6 @@ import org.apache.streampark.console.core.service.application.ApplicationManageS import org.apache.shiro.authz.annotation.RequiresPermissions; import com.baomidou.mybatisplus.core.metadata.IPage; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.Parameter; -import io.swagger.v3.oas.annotations.Parameters; -import io.swagger.v3.oas.annotations.media.Schema; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -43,7 +38,6 @@ import org.springframework.web.bind.annotation.RestController; import javax.annotation.Nullable; -@Tag(name = "SAVEPOINT_TAG") @Slf4j @Validated @RestController @@ -54,51 +48,25 @@ public class SavePointController { @Autowired private SavePointService savePointService; - @Operation(summary = "Get application savepoint latest") - @PostMapping("latest") - public RestResponse latest(Long appId) { - SavePoint savePoint = savePointService.getLatest(appId); - return RestResponse.success(savePoint); - } - - @Operation(summary = "List application savepoint histories") @PostMapping("history") - public RestResponse history(SavePoint savePoint, RestRequest request) { - IPage<SavePoint> page = savePointService.getPage(savePoint, request); + @PermissionScope(app = "#sp.appId", team = "#sp.teamId") + public RestResponse history(SavePoint sp, RestRequest request) { + IPage<SavePoint> page = savePointService.getPage(sp, request); return RestResponse.success(page); } - @Operation(summary = "Delete savepoint") @PostMapping("delete") @RequiresPermissions("savepoint:delete") - public RestResponse delete(Long id) throws InternalException { - SavePoint savePoint = savePointService.getById(id); + @PermissionScope(app = "#sp.appId", team = "#sp.teamId") + public RestResponse delete(SavePoint sp) throws InternalException { + SavePoint savePoint = savePointService.getById(sp.getId()); Application application = applicationManageService.getById(savePoint.getAppId()); - Boolean deleted = savePointService.remove(id, application); + Boolean deleted = savePointService.remove(sp.getId(), application); return RestResponse.success(deleted); } - @Operation( - summary = "Trigger savepoint", - description = "trigger savepoint for specified application") - @Parameters({ - @Parameter( - name = "appId", - description = "app id", - required = true, - example = "100000", - schema = @Schema(implementation = Long.class)), - @Parameter( - name = "savepointPath", - description = "specified savepoint path", - schema = @Schema(implementation = String.class)), - @Parameter( - name = "nativeFormat", - description = "use native format", - schema = @Schema(implementation = Boolean.class)) - }) - @ApiAccess @PostMapping("trigger") + @PermissionScope(app = "#savePoint.appId", team = "#savePoint.teamId") @RequiresPermissions("savepoint:trigger") public RestResponse trigger( Long appId, @Nullable String savepointPath, @Nullable Boolean nativeFormat) { diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SettingController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SettingController.java index 27b357549..2dfc876f7 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SettingController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SettingController.java @@ -28,8 +28,6 @@ import org.apache.streampark.console.core.service.SettingService; import org.apache.shiro.authz.annotation.RequiresPermissions; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -39,7 +37,6 @@ import org.springframework.web.bind.annotation.RestController; import java.util.List; -@Tag(name = "SETTING_TAG") @Slf4j @Validated @RestController @@ -48,7 +45,6 @@ public class SettingController { @Autowired private SettingService settingService; - @Operation(summary = "List settings") @PostMapping("all") @RequiresPermissions("setting:view") public RestResponse all() { @@ -58,14 +54,12 @@ public class SettingController { return RestResponse.success(setting); } - @Operation(summary = "Get setting") @PostMapping("get") public RestResponse get(String key) { Setting setting = settingService.get(key); return RestResponse.success(setting); } - @Operation(summary = "Update setting") @PostMapping("update") @RequiresPermissions("setting:update") public RestResponse update(Setting setting) { @@ -73,7 +67,6 @@ public class SettingController { return RestResponse.success(updated); } - @Operation(summary = "get Docker config") @PostMapping("docker") @RequiresPermissions("setting:view") public RestResponse docker() { @@ -81,7 +74,6 @@ public class SettingController { return RestResponse.success(dockerConfig); } - @Operation(summary = "check docker setting") @PostMapping("check/docker") @RequiresPermissions("setting:view") public RestResponse checkDocker(DockerConfig dockerConfig) { @@ -89,7 +81,6 @@ public class SettingController { return RestResponse.success(result); } - @Operation(summary = "Update docker setting") @PostMapping("update/docker") @RequiresPermissions("setting:update") public RestResponse updateDocker(DockerConfig dockerConfig) { @@ -97,7 +88,6 @@ public class SettingController { return RestResponse.success(updated); } - @Operation(summary = "get sender email") @PostMapping("email") @RequiresPermissions("setting:view") public RestResponse email() { @@ -105,7 +95,6 @@ public class SettingController { return RestResponse.success(senderEmail); } - @Operation(summary = "check email") @PostMapping("check/email") @RequiresPermissions("setting:view") public RestResponse checkEmail(SenderEmail senderEmail) { @@ -113,7 +102,6 @@ public class SettingController { return RestResponse.success(result); } - @Operation(summary = "Update sender email") @PostMapping("update/email") @RequiresPermissions("setting:update") public RestResponse updateEmail(SenderEmail senderEmail) { @@ -121,7 +109,6 @@ public class SettingController { return RestResponse.success(updated); } - @Operation(summary = "Check hadoop status") @PostMapping("check/hadoop") public RestResponse checkHadoop() { try { diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SparkApplicationBuildPipelineController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SparkApplicationBuildPipelineController.java index 459d30e78..1e179df56 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SparkApplicationBuildPipelineController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SparkApplicationBuildPipelineController.java @@ -18,14 +18,12 @@ package org.apache.streampark.console.core.controller; import org.apache.streampark.console.base.domain.RestResponse; -import org.apache.streampark.console.core.annotation.PermissionAction; +import org.apache.streampark.console.core.annotation.PermissionScope; import org.apache.streampark.console.core.entity.AppBuildPipeline; -import org.apache.streampark.console.core.enums.PermissionTypeEnum; import org.apache.streampark.console.core.service.SparkAppBuildPipeService; import org.apache.shiro.authz.annotation.RequiresPermissions; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -37,7 +35,6 @@ import java.util.HashMap; import java.util.Map; import java.util.Optional; -@Tag(name = "SPARK_APPLICATION_BUILD_PIPELINE_TAG") @Slf4j @Validated @RestController @@ -53,9 +50,9 @@ public class SparkApplicationBuildPipelineController { * @param forceBuild forced start pipeline or not * @return Whether the pipeline was successfully started */ - @PermissionAction(id = "#appId", type = PermissionTypeEnum.APP) @PostMapping(value = "build") @RequiresPermissions("app:create") + @PermissionScope(app = "#appId") public RestResponse buildApplication(Long appId, boolean forceBuild) { try { boolean actionResult = appBuildPipeService.buildApplication(appId, forceBuild); @@ -71,10 +68,9 @@ public class SparkApplicationBuildPipelineController { * @param appId application id * @return "pipeline" -> pipeline details, "docker" -> docker resolved snapshot */ - // @Operation(summary = "Get application release pipeline") - // @ApiAccess @PostMapping("/detail") @RequiresPermissions("app:view") + @PermissionScope(app = "#appId") public RestResponse getBuildProgressDetail(Long appId) { Map<String, Object> details = new HashMap<>(0); Optional<AppBuildPipeline> pipeline = appBuildPipeService.getCurrentBuildPipeline(appId); diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SparkApplicationController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SparkApplicationController.java index 0cc19ae8a..90ce3f22b 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SparkApplicationController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SparkApplicationController.java @@ -22,14 +22,11 @@ import org.apache.streampark.common.util.YarnUtils; import org.apache.streampark.console.base.domain.RestRequest; import org.apache.streampark.console.base.domain.RestResponse; import org.apache.streampark.console.base.exception.InternalException; -import org.apache.streampark.console.core.annotation.ApiAccess; import org.apache.streampark.console.core.annotation.AppUpdated; -import org.apache.streampark.console.core.annotation.PermissionAction; import org.apache.streampark.console.core.entity.ApplicationBackUp; import org.apache.streampark.console.core.entity.ApplicationLog; import org.apache.streampark.console.core.entity.SparkApplication; import org.apache.streampark.console.core.enums.AppExistsStateEnum; -import org.apache.streampark.console.core.enums.PermissionTypeEnum; import org.apache.streampark.console.core.service.ApplicationBackUpService; import org.apache.streampark.console.core.service.ApplicationLogService; import org.apache.streampark.console.core.service.ResourceService; @@ -40,10 +37,6 @@ import org.apache.streampark.console.core.service.application.SparkApplicationMa import org.apache.shiro.authz.annotation.RequiresPermissions; import com.baomidou.mybatisplus.core.metadata.IPage; -import io.swagger.v3.oas.annotations.Hidden; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.Parameter; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -58,7 +51,6 @@ import java.io.Serializable; import java.net.URI; import java.util.Map; -@Tag(name = "SPARK_APPLICATION_TAG") @Slf4j @Validated @RestController @@ -77,8 +69,6 @@ public class SparkApplicationController { @Autowired private ResourceService resourceService; - @Operation(summary = "Get application") - @ApiAccess @PostMapping("get") @RequiresPermissions("app:detail") public RestResponse get(SparkApplication app) { @@ -86,9 +76,6 @@ public class SparkApplicationController { return RestResponse.success(application); } - @Operation(summary = "Create application") - @ApiAccess - @PermissionAction(id = "#app.teamId", type = PermissionTypeEnum.TEAM) @PostMapping("create") @RequiresPermissions("app:create") public RestResponse create(SparkApplication app) throws IOException { @@ -96,18 +83,14 @@ public class SparkApplicationController { return RestResponse.success(saved); } - @ApiAccess - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) @PostMapping(value = "copy") @RequiresPermissions("app:copy") - public RestResponse copy(@Parameter(hidden = true) SparkApplication app) throws IOException { + public RestResponse copy(SparkApplication app) throws IOException { applicationManageService.copy(app); return RestResponse.success(); } - @Operation(summary = "Update application") @AppUpdated - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) @PostMapping("update") @RequiresPermissions("app:update") public RestResponse update(SparkApplication app) { @@ -115,15 +98,12 @@ public class SparkApplicationController { return RestResponse.success(true); } - @Operation(summary = "Get applications dashboard data") @PostMapping("dashboard") public RestResponse dashboard(Long teamId) { Map<String, Serializable> dashboardMap = applicationInfoService.getDashboardDataMap(teamId); return RestResponse.success(dashboardMap); } - @Operation(summary = "List applications") - @ApiAccess @PostMapping("list") @RequiresPermissions("app:view") public RestResponse list(SparkApplication app, RestRequest request) { @@ -131,7 +111,6 @@ public class SparkApplicationController { return RestResponse.success(applicationList); } - @Operation(summary = "Mapping application") @AppUpdated @PostMapping("mapping") @RequiresPermissions("app:mapping") @@ -140,9 +119,7 @@ public class SparkApplicationController { return RestResponse.success(flag); } - @Operation(summary = "Revoke application") @AppUpdated - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) @PostMapping("revoke") @RequiresPermissions("app:release") public RestResponse revoke(SparkApplication app) { @@ -150,7 +127,6 @@ public class SparkApplicationController { return RestResponse.success(); } - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) @PostMapping(value = "check_start") @RequiresPermissions("app:start") public RestResponse checkStart(SparkApplication app) { @@ -158,11 +134,9 @@ public class SparkApplicationController { return RestResponse.success(stateEnum.get()); } - @ApiAccess - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) @PostMapping(value = "start") @RequiresPermissions("app:start") - public RestResponse start(@Parameter(hidden = true) SparkApplication app) { + public RestResponse start(SparkApplication app) { try { applicationActionService.start(app, false); return RestResponse.success(true); @@ -171,18 +145,14 @@ public class SparkApplicationController { } } - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) @PostMapping(value = "cancel") @RequiresPermissions("app:cancel") - public RestResponse cancel(@Parameter(hidden = true) SparkApplication app) throws Exception { + public RestResponse cancel(SparkApplication app) throws Exception { applicationActionService.cancel(app); return RestResponse.success(); } - @Operation(summary = "Clean application") @AppUpdated - @ApiAccess - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) @PostMapping("clean") @RequiresPermissions("app:clean") public RestResponse clean(SparkApplication app) { @@ -190,9 +160,6 @@ public class SparkApplicationController { return RestResponse.success(true); } - /** force stop(stop normal start or in progress) */ - @Operation(summary = "Force stop application") - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) @PostMapping("forcedStop") @RequiresPermissions("app:cancel") public RestResponse forcedStop(SparkApplication app) { @@ -200,56 +167,47 @@ public class SparkApplicationController { return RestResponse.success(); } - @Operation(summary = "Get application on yarn proxy address") @PostMapping("yarn") public RestResponse yarn() { return RestResponse.success(YarnUtils.getRMWebAppProxyURL()); } - @Operation(summary = "Get application on yarn name") @PostMapping("name") public RestResponse yarnName(SparkApplication app) { String yarnName = applicationInfoService.getYarnName(app.getConfig()); return RestResponse.success(yarnName); } - @Operation(summary = "Check the application exist status") @PostMapping("checkName") public RestResponse checkName(SparkApplication app) { AppExistsStateEnum exists = applicationInfoService.checkExists(app); return RestResponse.success(exists.get()); } - @Operation(summary = "Get application conf") @PostMapping("readConf") public RestResponse readConf(SparkApplication app) throws IOException { String config = applicationInfoService.readConf(app.getConfig()); return RestResponse.success(config); } - @Operation(summary = "Get application main-class") @PostMapping("main") public RestResponse getMain(SparkApplication application) { String mainClass = applicationInfoService.getMain(application); return RestResponse.success(mainClass); } - @Operation(summary = "List application backups") @PostMapping("backups") public RestResponse backups(ApplicationBackUp backUp, RestRequest request) { IPage<ApplicationBackUp> backups = backUpService.getPage(backUp, request); return RestResponse.success(backups); } - @Operation(summary = "List application operation logs") @PostMapping("optionlog") public RestResponse optionlog(ApplicationLog applicationLog, RestRequest request) { IPage<ApplicationLog> applicationList = applicationLogService.getPage(applicationLog, request); return RestResponse.success(applicationList); } - @Operation(summary = "Delete application operation log") - @PermissionAction(id = "#applicationLog.appId", type = PermissionTypeEnum.APP) @PostMapping("deleteOperationLog") @RequiresPermissions("app:delete") public RestResponse deleteOperationLog(Long id) { @@ -257,8 +215,6 @@ public class SparkApplicationController { return RestResponse.success(deleted); } - @Operation(summary = "Delete application") - @PermissionAction(id = "#app.id", type = PermissionTypeEnum.APP) @PostMapping("delete") @RequiresPermissions("app:delete") public RestResponse delete(SparkApplication app) throws InternalException { @@ -266,15 +222,12 @@ public class SparkApplicationController { return RestResponse.success(deleted); } - @Operation(summary = "Backup application when deleted") - @PermissionAction(id = "#backUp.appId", type = PermissionTypeEnum.APP) @PostMapping("deletebak") public RestResponse deleteBak(ApplicationBackUp backUp) throws InternalException { Boolean deleted = backUpService.removeById(backUp.getId()); return RestResponse.success(deleted); } - @Operation(summary = "Check the application jar") @PostMapping("checkjar") public RestResponse checkjar(String jar) { File file = new File(jar); @@ -286,7 +239,6 @@ public class SparkApplicationController { } } - @Operation(summary = "Upload the application jar") @PostMapping("upload") @RequiresPermissions("app:create") public RestResponse upload(MultipartFile file) throws Exception { @@ -294,7 +246,6 @@ public class SparkApplicationController { return RestResponse.success(uploadPath); } - @Hidden @PostMapping("verifySchema") public RestResponse verifySchema(String path) { final URI uri = URI.create(path); diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SparkEnvController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SparkEnvController.java index a5c714ec9..f418a08fa 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SparkEnvController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SparkEnvController.java @@ -23,8 +23,6 @@ import org.apache.streampark.console.core.entity.SparkEnv; import org.apache.streampark.console.core.enums.FlinkEnvCheckEnum; import org.apache.streampark.console.core.service.SparkEnvService; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -34,7 +32,6 @@ import org.springframework.web.bind.annotation.RestController; import java.util.List; -@Tag(name = "SPARK_ENV_TAG") @Slf4j @Validated @RestController @@ -43,21 +40,18 @@ public class SparkEnvController { @Autowired private SparkEnvService sparkEnvService; - @Operation(summary = "Get spark environment") @PostMapping("list") public RestResponse list() { List<SparkEnv> sparkEnvList = sparkEnvService.list(); return RestResponse.success(sparkEnvList); } - @Operation(summary = "Verify spark environment") @PostMapping("check") public RestResponse check(SparkEnv version) { FlinkEnvCheckEnum checkResp = sparkEnvService.check(version); return RestResponse.success(checkResp.getCode()); } - @Operation(summary = "Create spark environment") @PostMapping("create") public RestResponse create(SparkEnv version) { try { @@ -68,7 +62,6 @@ public class SparkEnvController { return RestResponse.success(true); } - @Operation(summary = "Get spark environment") @PostMapping("get") public RestResponse get(Long id) throws Exception { SparkEnv sparkEnv = sparkEnvService.getById(id); @@ -76,14 +69,12 @@ public class SparkEnvController { return RestResponse.success(sparkEnv); } - @Operation(summary = "Sync spark environment conf") @PostMapping("sync") public RestResponse sync(Long id) throws Exception { sparkEnvService.syncConf(id); return RestResponse.success(); } - @Operation(summary = "Update spark environment") @PostMapping("update") public RestResponse update(SparkEnv version) throws Exception { try { @@ -94,21 +85,18 @@ public class SparkEnvController { return RestResponse.success(true); } - @Operation(summary = "Delete spark environment") @PostMapping("delete") public RestResponse delete(Long id) { sparkEnvService.removeById(id); return RestResponse.success(); } - @Operation(summary = "Check spark environment is valid, else throw exception") @PostMapping("validity") public RestResponse validity(SparkEnv version) { sparkEnvService.validity(version.getId()); return RestResponse.success(true); } - @Operation(summary = "Update spark environment as default") @PostMapping("default") public RestResponse setDefault(Long id) { sparkEnvService.setDefault(id); diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SqlWorkBenchController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SqlWorkBenchController.java index c0d7aa77b..a17a7f5d9 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SqlWorkBenchController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/SqlWorkBenchController.java @@ -18,13 +18,10 @@ package org.apache.streampark.console.core.controller; import org.apache.streampark.console.base.domain.RestResponse; -import org.apache.streampark.console.core.annotation.ApiAccess; import org.apache.streampark.console.core.service.SqlWorkBenchService; import org.apache.streampark.gateway.results.ResultQueryCondition; import org.apache.streampark.gateway.session.SessionHandle; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; import lombok.extern.slf4j.Slf4j; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.DeleteMapping; @@ -36,7 +33,6 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; -@Api(tags = {"FLINK_GATEWAY_TAG"}) @Slf4j @Validated @RestController @@ -51,9 +47,6 @@ public class SqlWorkBenchController { // ------------------------------------------------------------------------------------------- // Validation API // ------------------------------------------------------------------------------------------- - @ApiAccess - @ApiOperation(value = "Check Support", notes = "Check Support", tags = "FLINK_GATEWAY_TAG") - @GetMapping("{flinkClusterId}/check") public RestResponse check(@PathVariable Long flinkGatewayId, @PathVariable Long flinkClusterId) { return RestResponse.success(sqlWorkBenchService.check(flinkGatewayId, flinkClusterId)); } @@ -62,8 +55,6 @@ public class SqlWorkBenchController { // Info API // ------------------------------------------------------------------------------------------- - @ApiAccess - @ApiOperation(value = "Get gateway info", notes = "Get gateway info", tags = "FLINK_GATEWAY_TAG") @GetMapping("getGatewayInfo") public RestResponse getGatewayInfo(@PathVariable Long flinkGatewayId) { return RestResponse.success(sqlWorkBenchService.getGatewayInfo(flinkGatewayId)); @@ -73,8 +64,6 @@ public class SqlWorkBenchController { // Session Management // ------------------------------------------------------------------------------------------- - @ApiAccess - @ApiOperation(value = "Open sessions", notes = "Open sessions", tags = "FLINK_GATEWAY_TAG") @PostMapping("/{flinkClusterId}/sessions") public RestResponse openSession( @PathVariable Long flinkGatewayId, @PathVariable Long flinkClusterId) { @@ -82,8 +71,6 @@ public class SqlWorkBenchController { return RestResponse.success(sessionHandle); } - @ApiAccess - @ApiOperation(value = "Heartbeat", notes = "Heartbeat", tags = "FLINK_GATEWAY_TAG") @PostMapping("sessions/{sessionHandle}/heartbeat") public RestResponse heartbeat( @PathVariable Long flinkGatewayId, @PathVariable String sessionHandle) { @@ -91,8 +78,6 @@ public class SqlWorkBenchController { return RestResponse.success(); } - @ApiAccess - @ApiOperation(value = "Close session", notes = "Close session", tags = "FLINK_GATEWAY_TAG") @DeleteMapping("sessions/{sessionHandle}") public RestResponse closeSession( @PathVariable Long flinkGatewayId, @PathVariable String sessionHandle) { @@ -104,8 +89,6 @@ public class SqlWorkBenchController { // Operation Management // ------------------------------------------------------------------------------------------- - @ApiAccess - @ApiOperation(value = "Cancel operation", notes = "Cancel operation", tags = "FLINK_GATEWAY_TAG") @PostMapping("sessions/{sessionHandle}/operations/{operationHandle}/cancel") public RestResponse cancelOperation( @PathVariable Long flinkGatewayId, @@ -115,8 +98,6 @@ public class SqlWorkBenchController { return RestResponse.success(); } - @ApiAccess - @ApiOperation(value = "Close operation", notes = "Close operation", tags = "FLINK_GATEWAY_TAG") @DeleteMapping("sessions/{sessionHandle}/operations/{operationHandle}/close") public RestResponse closeOperation( @PathVariable Long flinkGatewayId, @@ -126,11 +107,6 @@ public class SqlWorkBenchController { return RestResponse.success(); } - @ApiAccess - @ApiOperation( - value = "Get operation info", - notes = "Get operation info", - tags = "FLINK_GATEWAY_TAG") @PostMapping("sessions/{sessionHandle}/operations/{operationHandle}/info") public RestResponse getOperationInfo( @PathVariable Long flinkGatewayId, @@ -140,11 +116,6 @@ public class SqlWorkBenchController { sqlWorkBenchService.getOperationInfo(flinkGatewayId, sessionHandle, operationHandle)); } - @ApiAccess - @ApiOperation( - value = "Get operation result schema", - notes = "Get operation result schema", - tags = "FLINK_GATEWAY_TAG") @PostMapping("sessions/{sessionHandle}/operations/{operationHandle}/resultSchema") public RestResponse getOperationResultSchema( @PathVariable Long flinkGatewayId, @@ -159,11 +130,6 @@ public class SqlWorkBenchController { // Statements API // ------------------------------------------------------------------------------------------- - @ApiAccess - @ApiOperation( - value = "Execute statement", - notes = "Execute statement", - tags = "FLINK_GATEWAY_TAG") @PostMapping("sessions/{sessionHandle}/statements") public RestResponse executeStatement( @PathVariable Long flinkGatewayId, @@ -173,8 +139,6 @@ public class SqlWorkBenchController { sqlWorkBenchService.executeStatement(flinkGatewayId, sessionHandle, statement)); } - @ApiAccess - @ApiOperation(value = "Fetch results", notes = "Fetch results", tags = "FLINK_GATEWAY_TAG") @PostMapping("sessions/{sessionHandle}/statements/{operationHandle}/info") public RestResponse fetchResults( @PathVariable Long flinkGatewayId, diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/VariableController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/VariableController.java index 68cc2d54c..569b46166 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/VariableController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/VariableController.java @@ -26,8 +26,6 @@ import org.apache.streampark.console.core.service.VariableService; import org.apache.shiro.authz.annotation.RequiresPermissions; import com.baomidou.mybatisplus.core.metadata.IPage; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -43,7 +41,6 @@ import javax.validation.constraints.NotBlank; import java.util.List; -@Tag(name = "VARIABLE_TAG") @Slf4j @Validated @RestController @@ -59,7 +56,6 @@ public class VariableController { * @param variable * @return */ - @Operation(summary = "List variables") @PostMapping("page") @RequiresPermissions("variable:view") public RestResponse page(RestRequest restRequest, Variable variable) { @@ -77,7 +73,6 @@ public class VariableController { * @param keyword Fuzzy search keywords through variable code or description, Nullable. * @return */ - @Operation(summary = "List variables") @PostMapping("list") public RestResponse variableList(@RequestParam Long teamId, String keyword) { List<Variable> variableList = variableService.listByTeamId(teamId, keyword); @@ -87,7 +82,6 @@ public class VariableController { return RestResponse.success(variableList); } - @Operation(summary = "List the variable depend applications") @PostMapping("dependApps") @RequiresPermissions("variable:depend_apps") public RestResponse dependApps(RestRequest restRequest, Variable variable) { @@ -95,7 +89,6 @@ public class VariableController { return RestResponse.success(dependApps); } - @Operation(summary = "Create variable") @PostMapping("post") @RequiresPermissions("variable:add") public RestResponse addVariable(@Valid Variable variable) { @@ -103,7 +96,6 @@ public class VariableController { return RestResponse.success(); } - @Operation(summary = "Update variable") @PutMapping("update") @RequiresPermissions("variable:update") public RestResponse updateVariable(@Valid Variable variable) { @@ -111,7 +103,6 @@ public class VariableController { return RestResponse.success(); } - @Operation(summary = "Get variable") @PostMapping("showOriginal") @RequiresPermissions("variable:show_original") public RestResponse showOriginal(@RequestParam Long id) { @@ -119,7 +110,6 @@ public class VariableController { return RestResponse.success(v); } - @Operation(summary = "Delete variable") @DeleteMapping("delete") @RequiresPermissions("variable:delete") public RestResponse deleteVariable(@Valid Variable variable) { @@ -127,7 +117,6 @@ public class VariableController { return RestResponse.success(); } - @Operation(summary = "Check variable code") @PostMapping("check/code") public RestResponse checkVariableCode( @RequestParam Long teamId, @NotBlank(message = "{required}") String variableCode) { diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/YarnQueueController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/YarnQueueController.java index 853b504fe..317c4ecd1 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/YarnQueueController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/controller/YarnQueueController.java @@ -19,15 +19,12 @@ package org.apache.streampark.console.core.controller; import org.apache.streampark.console.base.domain.RestRequest; import org.apache.streampark.console.base.domain.RestResponse; -import org.apache.streampark.console.core.annotation.ApiAccess; import org.apache.streampark.console.core.entity.YarnQueue; import org.apache.streampark.console.core.service.YarnQueueService; import org.apache.shiro.authz.annotation.RequiresPermissions; import com.baomidou.mybatisplus.core.metadata.IPage; -import io.swagger.v3.oas.annotations.Operation; -import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; @@ -35,7 +32,6 @@ import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; -@Tag(name = "YARN_QUEUE_TAG") @Slf4j @Validated @RestController @@ -51,31 +47,23 @@ public class YarnQueueController { * @param yarnQueue optional fields used to search. * @return RestResponse with IPage<{@link YarnQueue}> object. */ - @Operation(summary = "List yarn queues") - @ApiAccess @PostMapping("list") public RestResponse list(RestRequest restRequest, YarnQueue yarnQueue) { IPage<YarnQueue> queuePage = yarnQueueService.getPage(yarnQueue, restRequest); return RestResponse.success(queuePage); } - @Operation(summary = "Check yarn queue valid") - @ApiAccess @PostMapping("check") public RestResponse check(YarnQueue yarnQueue) { return RestResponse.success(yarnQueueService.checkYarnQueue(yarnQueue)); } - @Operation(summary = "Create yarn queue") - @ApiAccess @PostMapping("create") @RequiresPermissions("yarnQueue:create") public RestResponse create(YarnQueue yarnQueue) { return RestResponse.success(yarnQueueService.createYarnQueue(yarnQueue)); } - @Operation(summary = "Update yarn queue") - @ApiAccess @PostMapping("update") @RequiresPermissions("yarnQueue:update") public RestResponse update(YarnQueue yarnQueue) { @@ -83,10 +71,6 @@ public class YarnQueueController { return RestResponse.success(); } - @Operation( - summary = "Delete yarn queue", - description = "delete by (team id & yarn queue) or yarn queue id") - @ApiAccess @PostMapping("delete") @RequiresPermissions("yarnQueue:delete") public RestResponse delete(YarnQueue yarnQueue) { diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/enums/AuthenticationType.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/enums/AuthenticationType.java new file mode 100644 index 000000000..9de9d09b1 --- /dev/null +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/enums/AuthenticationType.java @@ -0,0 +1,23 @@ +package org.apache.streampark.console.core.enums; + +import java.util.Arrays; + +public enum AuthenticationType { + SIGN(1), + + OPENAPI(2); + + private final Integer value; + + AuthenticationType(int value) { + this.value = value; + } + + public int get() { + return this.value; + } + + public static AuthenticationType of(Integer value) { + return Arrays.stream(values()).filter((x) -> x.value == value).findFirst().orElse(null); + } +} diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/enums/PermissionTypeEnum.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/enums/PermissionTypeEnum.java deleted file mode 100644 index 989fd5baa..000000000 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/core/enums/PermissionTypeEnum.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.streampark.console.core.enums; - -import java.util.Arrays; - -public enum PermissionTypeEnum { - USER(1), - TEAM(2), - APP(3); - - private final int value; - - public int get() { - return this.value; - } - - PermissionTypeEnum(int value) { - this.value = value; - } - - public static PermissionTypeEnum of(Integer value) { - return Arrays.stream(values()).filter((x) -> x.value == value).findFirst().orElse(null); - } -} diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTFilter.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTFilter.java index 3eb1d2540..796678e19 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTFilter.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTFilter.java @@ -17,18 +17,14 @@ package org.apache.streampark.console.system.authentication; -import org.apache.streampark.console.base.properties.ShiroProperties; -import org.apache.streampark.console.base.util.SpringContextUtils; import org.apache.streampark.console.base.util.WebUtils; +import org.apache.streampark.console.core.enums.AuthenticationType; -import org.apache.commons.lang3.StringUtils; import org.apache.shiro.authz.UnauthorizedException; import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter; -import com.baomidou.mybatisplus.core.toolkit.StringPool; import lombok.extern.slf4j.Slf4j; import org.springframework.http.HttpStatus; -import org.springframework.util.AntPathMatcher; import org.springframework.web.bind.annotation.RequestMethod; import javax.servlet.ServletRequest; @@ -38,27 +34,12 @@ import javax.servlet.http.HttpServletResponse; @Slf4j public class JWTFilter extends BasicHttpAuthenticationFilter { - private static final String TOKEN = "Authorization"; - private final AntPathMatcher pathMatcher = new AntPathMatcher(); - @Override protected boolean isAccessAllowed( ServletRequest request, ServletResponse response, Object mappedValue) throws UnauthorizedException { - HttpServletRequest httpServletRequest = (HttpServletRequest) request; - ShiroProperties properties = SpringContextUtils.getBean(ShiroProperties.class); - String[] anonUrl = - StringUtils.splitByWholeSeparatorPreserveAllTokens( - properties.getAnonUrl(), StringPool.COMMA); - - for (String url : anonUrl) { - if (pathMatcher.match(url.trim(), httpServletRequest.getRequestURI())) { - return true; - } - } - if (isLoginAttempt(request, response)) { return executeLogin(request, response); } @@ -69,21 +50,27 @@ public class JWTFilter extends BasicHttpAuthenticationFilter { protected boolean isLoginAttempt(ServletRequest request, ServletResponse response) { HttpServletRequest req = (HttpServletRequest) request; String token = req.getHeader(TOKEN); - return StringUtils.isNotBlank(token); + return token != null; } @Override protected boolean executeLogin(ServletRequest request, ServletResponse response) { HttpServletRequest httpServletRequest = (HttpServletRequest) request; String token = httpServletRequest.getHeader(TOKEN); - JWTToken jwtToken = new JWTToken(WebUtils.decryptToken(token)); - try { - getSubject(request, response).login(jwtToken); - return true; - } catch (Exception e) { - log.error("Error in executeLogin, token {}, jwtToken {}", token, jwtToken, e); + AuthenticationType type = JWTUtil.getAuthType(WebUtils.decryptToken(token)); + if (type == null) { return false; } + if (type == AuthenticationType.OPENAPI) { + JWTToken jwtToken = new JWTToken(WebUtils.decryptToken(token)); + try { + getSubject(request, response).login(jwtToken); + return true; + } catch (Exception e) { + return false; + } + } + return true; } /** cross-domain support */ diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTToken.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTToken.java index f04adad00..7ea0505ff 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTToken.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTToken.java @@ -31,13 +31,16 @@ public class JWTToken implements AuthenticationToken { private String expireAt; + private int signType; + public JWTToken(String token) { this.token = token; } - public JWTToken(String token, String expireAt) { + public JWTToken(String token, String expireAt, int signType) { this.token = token; this.expireAt = expireAt; + this.signType = signType; } @Override diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTUtil.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTUtil.java index 073bdeed0..4af7fe24b 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTUtil.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTUtil.java @@ -17,35 +17,22 @@ package org.apache.streampark.console.system.authentication; -import org.apache.streampark.console.base.properties.ShiroProperties; -import org.apache.streampark.console.base.util.SpringContextUtils; - -import org.apache.commons.lang3.RandomStringUtils; -import org.apache.shiro.authc.AuthenticationException; +import org.apache.streampark.console.core.enums.AuthenticationType; import com.auth0.jwt.JWT; import com.auth0.jwt.JWTVerifier; import com.auth0.jwt.algorithms.Algorithm; -import com.auth0.jwt.exceptions.JWTDecodeException; -import com.auth0.jwt.exceptions.TokenExpiredException; import com.auth0.jwt.interfaces.DecodedJWT; import lombok.extern.slf4j.Slf4j; import java.util.Date; +import java.util.regex.Pattern; /** Verification and parsing Token */ @Slf4j public class JWTUtil { - private static final long JWT_TIME_OUT = - SpringContextUtils.getBean(ShiroProperties.class).getJwtTimeOut() * 1000; - - private static final Algorithm algorithm = - Algorithm.HMAC256(RandomStringUtils.randomAlphanumeric(256)); - - private static final String USER_NAME = "userName"; - - private static final String USER_ID = "userId"; + private static Long ttlOfSecond; /** * verify token @@ -53,15 +40,13 @@ public class JWTUtil { * @param token token * @return is valid token */ - public static boolean verify(String token, String username) { + public static boolean verify(String token, String username, String secret) { try { - JWTVerifier verifier = JWT.require(algorithm).withClaim(USER_NAME, username).build(); + Algorithm algorithm = Algorithm.HMAC256(secret); + JWTVerifier verifier = JWT.require(algorithm).withClaim("userName", username).build(); verifier.verify(token); return true; - } catch (TokenExpiredException e) { - throw new AuthenticationException(e.getMessage()); - } catch (Exception e) { - log.error("token is invalid:{} , e:{}", e.getMessage(), e.getClass()); + } catch (Exception ignored) { return false; } } @@ -70,9 +55,8 @@ public class JWTUtil { public static String getUserName(String token) { try { DecodedJWT jwt = JWT.decode(token); - return jwt.getClaim(USER_NAME).asString(); - } catch (JWTDecodeException e) { - log.error("error:{}", e.getMessage()); + return jwt.getClaim("userName").asString(); + } catch (Exception ignored) { return null; } } @@ -80,9 +64,18 @@ public class JWTUtil { public static Long getUserId(String token) { try { DecodedJWT jwt = JWT.decode(token); - return jwt.getClaim(USER_ID).asLong(); - } catch (JWTDecodeException e) { - log.error("error:{}", e.getMessage()); + return jwt.getClaim("userId").asLong(); + } catch (Exception ignored) { + return null; + } + } + + public static AuthenticationType getAuthType(String token) { + try { + DecodedJWT jwt = JWT.decode(token); + int type = jwt.getClaim("type").asInt(); + return AuthenticationType.of(type); + } catch (Exception ignored) { return null; } } @@ -94,8 +87,11 @@ public class JWTUtil { * @param userName * @return */ - public static String sign(Long userId, String userName) { - return sign(userId, userName, getExpireTime()); + public static String sign( + Long userId, String userName, String secret, AuthenticationType authType) { + Long second = getTTLOfSecond() * 1000; + Long ttl = System.currentTimeMillis() + second; + return sign(userId, userName, secret, authType, ttl); } /** @@ -106,22 +102,41 @@ public class JWTUtil { * @param expireTime * @return */ - public static String sign(Long userId, String userName, Long expireTime) { - try { - Date date = new Date(expireTime); - return JWT.create() - .withClaim(USER_ID, userId) - .withClaim(USER_NAME, userName) - .withExpiresAt(date) - .sign(algorithm); - } catch (Exception e) { - log.error("error:{}", e.getMessage()); - return null; - } + public static String sign( + Long userId, String userName, String secret, AuthenticationType authType, Long expireTime) { + Date date = new Date(expireTime); + Algorithm algorithm = Algorithm.HMAC256(secret); + return JWT.create() + .withClaim("userId", userId) + .withClaim("userName", userName) + .withClaim("type", authType.get()) + .withExpiresAt(date) + .sign(algorithm); } - /** get token expire timestamp */ - private static Long getExpireTime() { - return System.currentTimeMillis() + JWT_TIME_OUT; + public static Long getTTLOfSecond() { + if (ttlOfSecond == null) { + String ttl = System.getProperty("server.session.ttl", "24h").trim(); + String regexp = "^\\d+(s|m|h|d)$"; + Pattern pattern = Pattern.compile(regexp); + if (!pattern.matcher(ttl).matches()) { + throw new IllegalArgumentException( + "server.session.ttl is invalid, Time units must be [s|m|h|d], e.g: 24h, 2d... please check config.yaml "); + } + String unit = ttl.substring(ttl.length() - 1); + String time = ttl.substring(0, ttl.length() - 1); + Long second = Long.parseLong(time); + switch (unit) { + case "m": + return ttlOfSecond = second * 60; + case "h": + return ttlOfSecond = second * 60 * 60; + case "d": + return ttlOfSecond = second * 24 * 60 * 60; + default: + return ttlOfSecond = second; + } + } + return ttlOfSecond; } } diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/ShiroRealm.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/ShiroRealm.java index 41e7f0586..8e729e879 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/ShiroRealm.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/ShiroRealm.java @@ -18,6 +18,7 @@ package org.apache.streampark.console.system.authentication; import org.apache.streampark.console.base.util.WebUtils; +import org.apache.streampark.console.core.enums.AuthenticationType; import org.apache.streampark.console.system.entity.AccessToken; import org.apache.streampark.console.system.entity.User; import org.apache.streampark.console.system.service.AccessTokenService; @@ -79,28 +80,33 @@ public class ShiroRealm extends AuthorizingRealm { protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { // The token here is passed from the executeLogin method of JWTFilter and has been decrypted - String token = (String) authenticationToken.getCredentials(); - String username = JWTUtil.getUserName(token); + String credential = (String) authenticationToken.getCredentials(); + String username = JWTUtil.getUserName(credential); + if (StringUtils.isBlank(username)) { - throw new AuthenticationException("Token verification failed"); + throw new AuthenticationException("the authorization token is invalid"); } // Query user information by username User user = userService.getByUsername(username); - - if (user == null) { - throw new AuthenticationException("ERROR Incorrect username or password!"); + if (user == null || !JWTUtil.verify(credential, username, user.getSalt())) { + throw new AuthenticationException("the authorization token verification failed."); } - if (!JWTUtil.verify(token, username)) { + AuthenticationType authType = JWTUtil.getAuthType(credential); + if (authType == AuthenticationType.OPENAPI) { // Check whether the token belongs to the api and whether the permission is valid - String tokenDb = WebUtils.encryptToken(token); - boolean effective = accessTokenService.checkTokenEffective(user.getUserId(), tokenDb); - if (!effective) { + AccessToken accessToken = accessTokenService.getByUserId(user.getUserId()); + if (accessToken == null + || !accessToken.getToken().equals(WebUtils.encryptToken(credential))) { + throw new AuthenticationException("the openapi authorization token is invalid"); + } + if (AccessToken.STATUS_DISABLE.equals(accessToken.getFinalStatus())) { throw new AuthenticationException( - "Token checked failed: 1-[Browser Request] please check the username or password; 2-[Api Request] please check the user status or accessToken status"); + "the openapi authorization token has been disabled, please contact the administrator"); } SecurityUtils.getSubject().getSession().setAttribute(AccessToken.IS_API_TOKEN, true); } - return new SimpleAuthenticationInfo(token, token, "streampark_shiro_realm"); + + return new SimpleAuthenticationInfo(credential, credential, "streampark_shiro_realm"); } } diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/AccessTokenController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/AccessTokenController.java index ae723b141..d7a2ff93f 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/AccessTokenController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/AccessTokenController.java @@ -78,10 +78,9 @@ public class AccessTokenController { @RequiresPermissions("token:add") public RestResponse createToken( @NotBlank(message = "{required}") Long userId, - String expireTime, @RequestParam(required = false) String description) throws InternalException { - return accessTokenService.generateToken(userId, expireTime, description); + return accessTokenService.create(userId, description); } @Operation(summary = "Verify current user token") diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/MemberController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/MemberController.java index 900245f4e..13a6a4050 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/MemberController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/MemberController.java @@ -19,8 +19,6 @@ package org.apache.streampark.console.system.controller; import org.apache.streampark.console.base.domain.RestRequest; import org.apache.streampark.console.base.domain.RestResponse; -import org.apache.streampark.console.core.annotation.PermissionAction; -import org.apache.streampark.console.core.enums.PermissionTypeEnum; import org.apache.streampark.console.system.entity.Member; import org.apache.streampark.console.system.entity.Team; import org.apache.streampark.console.system.entity.User; @@ -83,7 +81,6 @@ public class MemberController { } @Operation(summary = "Create member") - @PermissionAction(id = "#member.teamId", type = PermissionTypeEnum.TEAM) @PostMapping("post") @RequiresPermissions("member:add") public RestResponse create(@Valid Member member) { @@ -92,7 +89,6 @@ public class MemberController { } @Operation(summary = "Delete member") - @PermissionAction(id = "#member.teamId", type = PermissionTypeEnum.TEAM) @DeleteMapping("delete") @RequiresPermissions("member:delete") public RestResponse delete(Member member) { @@ -101,7 +97,6 @@ public class MemberController { } @Operation(summary = "Update member") - @PermissionAction(id = "#member.teamId", type = PermissionTypeEnum.TEAM) @PutMapping("update") @RequiresPermissions("member:update") public RestResponse update(Member member) { diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/UserController.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/UserController.java index 0d15b02c7..cf0c08373 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/UserController.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/UserController.java @@ -21,9 +21,7 @@ import org.apache.streampark.console.base.domain.ResponseCode; import org.apache.streampark.console.base.domain.RestRequest; import org.apache.streampark.console.base.domain.RestResponse; import org.apache.streampark.console.base.exception.ApiAlertException; -import org.apache.streampark.console.core.annotation.PermissionAction; import org.apache.streampark.console.core.enums.LoginTypeEnum; -import org.apache.streampark.console.core.enums.PermissionTypeEnum; import org.apache.streampark.console.core.service.CommonService; import org.apache.streampark.console.system.entity.Team; import org.apache.streampark.console.system.entity.User; @@ -112,7 +110,6 @@ public class UserController { } @Operation(summary = "Update password") - @PermissionAction(id = "#user.userId", type = PermissionTypeEnum.USER) @PutMapping("password") public RestResponse updatePassword(User user) throws Exception { userService.updatePassword(user); diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/AccessTokenService.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/AccessTokenService.java index 1030e16d6..a3408e4f4 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/AccessTokenService.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/AccessTokenService.java @@ -32,13 +32,11 @@ public interface AccessTokenService extends IService<AccessToken> { * Generate token based on user ID's expiration time and description * * @param userId User id - * @param expireTime expiration * @param description more description * @return RestResponse * @throws InternalException */ - RestResponse generateToken(Long userId, String expireTime, String description) - throws InternalException; + RestResponse create(Long userId, String description) throws InternalException; /** * Retrieves a page of {@link AccessToken} objects based on the provided parameters. diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/AccessTokenServiceImpl.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/AccessTokenServiceImpl.java index 676c8dab3..cc3abf23d 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/AccessTokenServiceImpl.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/AccessTokenServiceImpl.java @@ -17,12 +17,12 @@ package org.apache.streampark.console.system.service.impl; -import org.apache.streampark.common.util.DateUtils; import org.apache.streampark.console.base.domain.ResponseCode; import org.apache.streampark.console.base.domain.RestRequest; import org.apache.streampark.console.base.domain.RestResponse; import org.apache.streampark.console.base.mybatis.pager.MybatisPager; import org.apache.streampark.console.base.util.WebUtils; +import org.apache.streampark.console.core.enums.AuthenticationType; import org.apache.streampark.console.system.authentication.JWTToken; import org.apache.streampark.console.system.authentication.JWTUtil; import org.apache.streampark.console.system.entity.AccessToken; @@ -31,8 +31,6 @@ import org.apache.streampark.console.system.mapper.AccessTokenMapper; import org.apache.streampark.console.system.service.AccessTokenService; import org.apache.streampark.console.system.service.UserService; -import org.apache.commons.lang3.StringUtils; - import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; @@ -44,8 +42,6 @@ import org.springframework.transaction.annotation.Transactional; import java.util.Date; import java.util.List; -import java.util.Objects; -import java.util.TimeZone; @Slf4j @Service @@ -56,24 +52,22 @@ public class AccessTokenServiceImpl extends ServiceImpl<AccessTokenMapper, Acces @Autowired private UserService userService; @Override - public RestResponse generateToken(Long userId, String expireTime, String description) { + public RestResponse create(Long userId, String description) { User user = userService.getById(userId); - if (Objects.isNull(user)) { - return RestResponse.success().put(RestResponse.CODE_KEY, 0).message("user not available"); - } - - if (StringUtils.isBlank(expireTime)) { - expireTime = AccessToken.DEFAULT_EXPIRE_TIME; + if (user == null) { + return RestResponse.success().put("code", 0).message("user not available"); } - Long ttl = DateUtils.getTime(expireTime, DateUtils.fullFormat(), TimeZone.getDefault()); - String token = WebUtils.encryptToken(JWTUtil.sign(user.getUserId(), user.getUsername(), ttl)); - JWTToken jwtToken = new JWTToken(token, expireTime); + String token = + WebUtils.encryptToken( + JWTUtil.sign( + user.getUserId(), user.getUsername(), user.getSalt(), AuthenticationType.OPENAPI)); + JWTToken jwtToken = new JWTToken(token, AccessToken.DEFAULT_EXPIRE_TIME, 1); AccessToken accessToken = new AccessToken(); accessToken.setToken(jwtToken.getToken()); accessToken.setUserId(user.getUserId()); accessToken.setDescription(description); - accessToken.setExpireTime(DateUtils.stringToDate(jwtToken.getExpireAt())); + Date date = new Date(); accessToken.setCreateTime(date); accessToken.setModifyTime(date); @@ -101,7 +95,7 @@ public class AccessTokenServiceImpl extends ServiceImpl<AccessTokenMapper, Acces @Override public RestResponse toggleToken(Long tokenId) { AccessToken tokenInfo = baseMapper.selectById(tokenId); - if (Objects.isNull(tokenInfo)) { + if (tokenInfo == null) { return RestResponse.fail(ResponseCode.CODE_FAIL_ALERT, "accessToken could not be found!"); } @@ -116,8 +110,11 @@ public class AccessTokenServiceImpl extends ServiceImpl<AccessTokenMapper, Acces ? AccessToken.STATUS_DISABLE : AccessToken.STATUS_ENABLE; - tokenInfo.setStatus(status); - return RestResponse.success(this.updateById(tokenInfo)); + AccessToken updateObj = new AccessToken(); + updateObj.setStatus(status); + updateObj.setId(tokenId); + updateObj.setModifyTime(new Date()); + return RestResponse.success(this.updateById(updateObj)); } @Override diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/UserServiceImpl.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/UserServiceImpl.java index 8ce251619..d3eb0f443 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/UserServiceImpl.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/UserServiceImpl.java @@ -27,6 +27,7 @@ import org.apache.streampark.console.base.mybatis.pager.MybatisPager; import org.apache.streampark.console.base.properties.ShiroProperties; import org.apache.streampark.console.base.util.ShaHashUtils; import org.apache.streampark.console.base.util.WebUtils; +import org.apache.streampark.console.core.enums.AuthenticationType; import org.apache.streampark.console.core.enums.LoginTypeEnum; import org.apache.streampark.console.core.service.ResourceService; import org.apache.streampark.console.core.service.application.ApplicationInfoService; @@ -293,10 +294,13 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us } updateLoginTime(user.getUsername()); - String token = WebUtils.encryptToken(JWTUtil.sign(user.getUserId(), user.getUsername())); + String token = + WebUtils.encryptToken( + JWTUtil.sign( + user.getUserId(), user.getUsername(), user.getSalt(), AuthenticationType.SIGN)); LocalDateTime expireTime = LocalDateTime.now().plusSeconds(shiroProperties.getJwtTimeOut()); String expireTimeStr = DateUtils.formatFullTime(expireTime); - JWTToken jwtToken = new JWTToken(token, expireTimeStr); + JWTToken jwtToken = new JWTToken(token, expireTimeStr, 1); String userId = RandomStringUtils.randomAlphanumeric(20); user.setId(userId); Map<String, Object> userInfo = generateFrontendUserInfo(user, user.getLastTeamId(), jwtToken); diff --git a/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/core/service/AccessTokenServiceTest.java b/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/core/service/AccessTokenServiceTest.java index 8d8efed20..735cb1c23 100644 --- a/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/core/service/AccessTokenServiceTest.java +++ b/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/core/service/AccessTokenServiceTest.java @@ -57,7 +57,7 @@ public class AccessTokenServiceTest extends SpringUnitTestBase { Assertions.assertEquals("admin", username); User user = userService.getByUsername(username); Assertions.assertNotNull(user); - Assertions.assertTrue(JWTUtil.verify(jwtToken.getToken(), username)); + Assertions.assertTrue(JWTUtil.verify(jwtToken.getToken(), username, user.getSalt())); // list AccessToken mockToken1 = new AccessToken(); diff --git a/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/system/authentication/JWTTest.java b/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/system/authentication/JWTTest.java index e3501841f..c59cba3ed 100644 --- a/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/system/authentication/JWTTest.java +++ b/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/system/authentication/JWTTest.java @@ -19,6 +19,7 @@ package org.apache.streampark.console.system.authentication; import org.apache.streampark.common.util.DateUtils; import org.apache.streampark.console.SpringUnitTestBase; +import org.apache.streampark.console.core.enums.AuthenticationType; import org.apache.streampark.console.system.entity.AccessToken; import com.auth0.jwt.JWT; @@ -38,6 +39,8 @@ class JWTTest extends SpringUnitTestBase { JWTUtil.sign( 10000L, userName, + "streampark", + AuthenticationType.SIGN, DateUtils.getTime(expireTime, DateUtils.fullFormat(), TimeZone.getDefault())); assert token != null;
