[shardingsphere] branch master updated: Check algorithm type in encrypt DistSQL (#28436)

[jianglongtao]

This is an automated email from the ASF dual-hosted git repository.

jianglongtao pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git


The following commit(s) were added to refs/heads/master by this push:
     new e28f90d4e07 Check algorithm type in encrypt DistSQL (#28436)
e28f90d4e07 is described below

commit e28f90d4e071fba54a4a7c0da2507b450f28e5fd
Author: yx9o <yangx_s...@163.com>
AuthorDate: Fri Sep 15 11:49:56 2023 +0800

    Check algorithm type in encrypt DistSQL (#28436)
---
 .../update/CreateEncryptRuleStatementUpdater.java  | 24 +++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git 
a/features/encrypt/distsql/handler/src/main/java/org/apache/shardingsphere/encrypt/distsql/handler/update/CreateEncryptRuleStatementUpdater.java
 
b/features/encrypt/distsql/handler/src/main/java/org/apache/shardingsphere/encrypt/distsql/handler/update/CreateEncryptRuleStatementUpdater.java
index 18fe7e02286..88d0fbb8d70 100644
--- 
a/features/encrypt/distsql/handler/src/main/java/org/apache/shardingsphere/encrypt/distsql/handler/update/CreateEncryptRuleStatementUpdater.java
+++ 
b/features/encrypt/distsql/handler/src/main/java/org/apache/shardingsphere/encrypt/distsql/handler/update/CreateEncryptRuleStatementUpdater.java
@@ -17,6 +17,7 @@
 
 package org.apache.shardingsphere.encrypt.distsql.handler.update;
 
+import 
org.apache.shardingsphere.distsql.handler.exception.algorithm.InvalidAlgorithmConfigurationException;
 import 
org.apache.shardingsphere.distsql.handler.exception.rule.DuplicateRuleException;
 import 
org.apache.shardingsphere.distsql.handler.exception.rule.InvalidRuleConfigurationException;
 import 
org.apache.shardingsphere.distsql.handler.exception.storageunit.EmptyStorageUnitException;
@@ -24,13 +25,17 @@ import 
org.apache.shardingsphere.distsql.handler.update.RuleDefinitionCreateUpda
 import org.apache.shardingsphere.distsql.parser.segment.AlgorithmSegment;
 import org.apache.shardingsphere.encrypt.api.config.EncryptRuleConfiguration;
 import 
org.apache.shardingsphere.encrypt.api.config.rule.EncryptTableRuleConfiguration;
+import 
org.apache.shardingsphere.encrypt.api.encrypt.assisted.AssistedEncryptAlgorithm;
+import org.apache.shardingsphere.encrypt.api.encrypt.like.LikeEncryptAlgorithm;
+import 
org.apache.shardingsphere.encrypt.api.encrypt.standard.StandardEncryptAlgorithm;
 import 
org.apache.shardingsphere.encrypt.distsql.handler.converter.EncryptRuleStatementConverter;
+import 
org.apache.shardingsphere.encrypt.distsql.parser.segment.EncryptColumnItemSegment;
 import 
org.apache.shardingsphere.encrypt.distsql.parser.segment.EncryptColumnSegment;
 import 
org.apache.shardingsphere.encrypt.distsql.parser.segment.EncryptRuleSegment;
 import 
org.apache.shardingsphere.encrypt.distsql.parser.statement.CreateEncryptRuleStatement;
 import org.apache.shardingsphere.encrypt.spi.EncryptAlgorithm;
-import 
org.apache.shardingsphere.infra.metadata.database.ShardingSphereDatabase;
 import 
org.apache.shardingsphere.infra.exception.core.ShardingSpherePreconditions;
+import 
org.apache.shardingsphere.infra.metadata.database.ShardingSphereDatabase;
 import org.apache.shardingsphere.infra.spi.type.typed.TypedSPILoader;
 
 import java.util.Collection;
@@ -49,10 +54,27 @@ public final class CreateEncryptRuleStatementUpdater 
implements RuleDefinitionCr
             checkDuplicateRuleNames(database.getName(), sqlStatement, 
currentRuleConfig);
         }
         checkColumnNames(sqlStatement);
+        checkAlgorithmTypes(sqlStatement);
         checkToBeCreatedEncryptors(sqlStatement);
         checkDataSources(database);
     }
     
+    private void checkAlgorithmTypes(final CreateEncryptRuleStatement 
sqlStatement) {
+        sqlStatement.getRules().stream().flatMap(each -> 
each.getColumns().stream()).forEach(each -> {
+            checkAlgorithmType(each.getCipher(), "standard encrypt", 
StandardEncryptAlgorithm.class);
+            checkAlgorithmType(each.getLikeQuery(), "like encrypt", 
LikeEncryptAlgorithm.class);
+            checkAlgorithmType(each.getAssistedQuery(), "assisted encrypt", 
AssistedEncryptAlgorithm.class);
+        });
+    }
+    
+    private void checkAlgorithmType(final EncryptColumnItemSegment 
itemSegment, final String algorithmType, final Class<?> encryptAlgorithmClass) {
+        if (null == itemSegment || null == itemSegment.getEncryptor()) {
+            return;
+        }
+        EncryptAlgorithm encryptAlgorithm = 
TypedSPILoader.getService(EncryptAlgorithm.class, 
itemSegment.getEncryptor().getName(), itemSegment.getEncryptor().getProps());
+        
ShardingSpherePreconditions.checkState(encryptAlgorithmClass.isInstance(encryptAlgorithm),
 () -> new InvalidAlgorithmConfigurationException(algorithmType, 
encryptAlgorithm.getType()));
+    }
+    
     private void checkDuplicateRuleNames(final String databaseName, final 
CreateEncryptRuleStatement sqlStatement, final EncryptRuleConfiguration 
currentRuleConfig) {
         Collection<String> duplicatedRuleNames = 
getDuplicatedRuleNames(sqlStatement, currentRuleConfig);
         ShardingSpherePreconditions.checkState(duplicatedRuleNames.isEmpty(), 
() -> new DuplicateRuleException("encrypt", databaseName, duplicatedRuleNames));