This is an automated email from the ASF dual-hosted git repository.
zehnder pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/streampipes.git
The following commit(s) were added to refs/heads/dev by this push:
new dce7d250ab fix(3887): permission objects lost after exporting and re
importing assets with sanitized resource ids (#3888)
dce7d250ab is described below
commit dce7d250abe824f9d0e177fa0c628e49d71c10d0
Author: Philipp Zehnder <[email protected]>
AuthorDate: Tue Oct 28 20:30:39 2025 +0100
fix(3887): permission objects lost after exporting and re importing assets
with sanitized resource ids (#3888)
---
.../export/dataimport/PerformImportGenerator.java | 12 ++-
.../core/migrations/AvailableMigrations.java | 4 +-
.../v0980/FixImportedPermissionsMigration.java | 116 +++++++++++++++++++++
3 files changed, 126 insertions(+), 6 deletions(-)
diff --git
a/streampipes-data-export/src/main/java/org/apache/streampipes/export/dataimport/PerformImportGenerator.java
b/streampipes-data-export/src/main/java/org/apache/streampipes/export/dataimport/PerformImportGenerator.java
index 674d9b287e..2b4d8b62f3 100644
---
a/streampipes-data-export/src/main/java/org/apache/streampipes/export/dataimport/PerformImportGenerator.java
+++
b/streampipes-data-export/src/main/java/org/apache/streampipes/export/dataimport/PerformImportGenerator.java
@@ -30,7 +30,6 @@ import
org.apache.streampipes.export.resolver.MeasurementResolver;
import org.apache.streampipes.export.resolver.PipelineResolver;
import org.apache.streampipes.manager.file.FileHandler;
import org.apache.streampipes.model.SpDataStream;
-import org.apache.streampipes.model.connect.adapter.AdapterDescription;
import org.apache.streampipes.model.dashboard.DashboardModel;
import org.apache.streampipes.model.datalake.DataExplorerWidgetModel;
import org.apache.streampipes.model.datalake.DataLakeMeasure;
@@ -81,7 +80,7 @@ public class PerformImportGenerator extends
ImportGenerator<Void> {
protected void handleAdapter(String document, String adapterId) throws
JsonProcessingException {
if (shouldStore(adapterId, config.getAdapters())) {
writeDocument(document, new AdapterResolver());
- permissionsToStore.add(new PermissionInfo(adapterId,
AdapterDescription.class));
+ // adapters do not have permissions associated
}
}
@@ -89,7 +88,8 @@ public class PerformImportGenerator extends
ImportGenerator<Void> {
protected void handleChart(String document, String chartId) throws
JsonProcessingException {
if (shouldStore(chartId, config.getDataViews())) {
writeDocument(document, new ChartResolver());
- permissionsToStore.add(new PermissionInfo(chartId,
DataExplorerWidgetModel.class));
+ var chart = new ChartResolver().deserializeDocument(document);
+ permissionsToStore.add(new PermissionInfo(chart.getElementId(),
DataExplorerWidgetModel.class));
}
}
@@ -97,7 +97,8 @@ public class PerformImportGenerator extends
ImportGenerator<Void> {
protected void handleDashboard(String document, String dashboardId) throws
JsonProcessingException {
if (shouldStore(dashboardId, config.getDashboards())) {
writeDocument(document, new DashboardResolver());
- permissionsToStore.add(new PermissionInfo(dashboardId,
DashboardModel.class));
+ var dashboard = new DashboardResolver().deserializeDocument(document);
+ permissionsToStore.add(new PermissionInfo(dashboard.getElementId(),
DashboardModel.class));
}
}
@@ -105,7 +106,8 @@ public class PerformImportGenerator extends
ImportGenerator<Void> {
protected void handleDataSource(String document, String dataSourceId) throws
JsonProcessingException {
if (shouldStore(dataSourceId, config.getDataSources())) {
writeDocument(document, new DataSourceResolver());
- permissionsToStore.add(new PermissionInfo(dataSourceId,
SpDataStream.class));
+ var dataStream = new DataSourceResolver().deserializeDocument(document);
+ permissionsToStore.add(new PermissionInfo(dataStream.getElementId(),
SpDataStream.class));
}
}
diff --git
a/streampipes-service-core/src/main/java/org/apache/streampipes/service/core/migrations/AvailableMigrations.java
b/streampipes-service-core/src/main/java/org/apache/streampipes/service/core/migrations/AvailableMigrations.java
index fcacf4433b..b4afb1897a 100644
---
a/streampipes-service-core/src/main/java/org/apache/streampipes/service/core/migrations/AvailableMigrations.java
+++
b/streampipes-service-core/src/main/java/org/apache/streampipes/service/core/migrations/AvailableMigrations.java
@@ -28,6 +28,7 @@ import
org.apache.streampipes.service.core.migrations.v093.StoreEmailTemplatesMi
import
org.apache.streampipes.service.core.migrations.v095.MergeFilenamesAndRenameDuplicatesMigration;
import
org.apache.streampipes.service.core.migrations.v0980.AddDataLakeMeasureViewMigration;
import
org.apache.streampipes.service.core.migrations.v0980.AddDefaultExportProviderMigration;
+import
org.apache.streampipes.service.core.migrations.v0980.FixImportedPermissionsMigration;
import
org.apache.streampipes.service.core.migrations.v0980.ModifyAssetLinkTypesMigration;
import
org.apache.streampipes.service.core.migrations.v0980.ModifyAssetLinksMigration;
import
org.apache.streampipes.service.core.migrations.v970.AddDataLakePipelineTemplateMigration;
@@ -60,7 +61,8 @@ public class AvailableMigrations {
new ModifyAssetLinksMigration(),
new ModifyAssetLinkTypesMigration(),
new AddDataLakeMeasureViewMigration(),
- new AddDefaultExportProviderMigration()
+ new AddDefaultExportProviderMigration(),
+ new FixImportedPermissionsMigration()
);
}
}
diff --git
a/streampipes-service-core/src/main/java/org/apache/streampipes/service/core/migrations/v0980/FixImportedPermissionsMigration.java
b/streampipes-service-core/src/main/java/org/apache/streampipes/service/core/migrations/v0980/FixImportedPermissionsMigration.java
new file mode 100644
index 0000000000..0a0961801c
--- /dev/null
+++
b/streampipes-service-core/src/main/java/org/apache/streampipes/service/core/migrations/v0980/FixImportedPermissionsMigration.java
@@ -0,0 +1,116 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.streampipes.service.core.migrations.v0980;
+
+import org.apache.streampipes.model.shared.api.Storable;
+import org.apache.streampipes.service.core.migrations.Migration;
+import org.apache.streampipes.storage.api.IPermissionStorage;
+import org.apache.streampipes.storage.management.StorageDispatcher;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.util.List;
+
+/**
+ * This migration is required because the export/import process sanitizes
resource ids for the permissions.
+ * This breaks the link between resources and their permissions after import.
+ */
+public class FixImportedPermissionsMigration implements Migration {
+
+ private static final Logger LOG =
LoggerFactory.getLogger(FixImportedPermissionsMigration.class);
+
+ private final IPermissionStorage permissionStorage =
+ StorageDispatcher.INSTANCE.getNoSqlStore()
+ .getPermissionStorage();
+
+ @Override
+ public boolean shouldExecute() {
+ return true;
+ }
+
+ @Override
+ public void executeMigration() throws IOException {
+ migrateDashboardPermissions();
+ migrateChartsPermissions();
+ migrateDataStreamPermissions();
+ }
+
+ private void migrateDashboardPermissions() {
+ LOG.debug("Start migrate permissions for dashboards");
+ var dataExplorerDashboardStorage = StorageDispatcher.INSTANCE
+ .getNoSqlStore()
+ .getDataExplorerDashboardStorage();
+ var dashboards = dataExplorerDashboardStorage.findAll();
+ migrateResourcePermissions(dashboards);
+ LOG.debug("Finished migrate permissions for dashboards");
+ }
+
+ private void migrateChartsPermissions() {
+ LOG.debug("Start migrate permissions for charts");
+ var dataExplorerWidgetStorage = StorageDispatcher.INSTANCE
+ .getNoSqlStore()
+ .getDataExplorerWidgetStorage();
+ var charts = dataExplorerWidgetStorage.findAll();
+ migrateResourcePermissions(charts);
+ LOG.debug("Finished migrate permissions for charts");
+ }
+
+ private void migrateDataStreamPermissions() {
+ LOG.debug("Start migrate permissions for data streams");
+ var dataStreamStorage =
+ StorageDispatcher.INSTANCE.getNoSqlStore()
+ .getDataStreamStorage();
+ var dataStreams = dataStreamStorage.findAll();
+ migrateResourcePermissions(dataStreams);
+ LOG.debug("Finished migrate permissions for data streams");
+ }
+
+ /**
+ * Migrate permissions for the given resources, by replacing the sanitized
id with the original id.
+ */
+ private void migrateResourcePermissions(List<? extends Storable> resources) {
+ resources.forEach(resource -> {
+ // This uses the same sanitization logic as the exporter
+ var sanitizedId = sanitize(resource.getElementId());
+ var permissions =
permissionStorage.getUserPermissionsForObject(sanitizedId);
+
+ permissions.forEach(permission -> {
+ permission.setObjectInstanceId(resource.getElementId());
+ permissionStorage.updateElement(permission);
+ LOG.info(
+ "Updated permission id from {} to {}",
+ sanitizedId,
+ resource.getElementId()
+ );
+ });
+ });
+ }
+
+ @Override
+ public String getDescription() {
+ return "Fix permissions of imported data streams, dashboards and charts";
+ }
+
+ private String sanitize(String resourceId) {
+ return resourceId.replaceAll(":", "")
+ .replaceAll("\\.", "");
+ }
+}
