This is an automated email from the ASF dual-hosted git repository.
jianglongtao pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 36857018e26 Refactor authority provider (#29555)
36857018e26 is described below
commit 36857018e26bcd9283b06710b6a2a8aab9e10d9c
Author: Liang Zhang <[email protected]>
AuthorDate: Tue Dec 26 23:11:31 2023 +0800
Refactor authority provider (#29555)
* Refactor CDCConnectionContext
* Rename AllPermittedPrivileges
* Refactor DatabasePrivilegeBuilder
* Remove DatabasePrivilegeBuilder
* Remove DatabasePrivilegeBuilder
---
.../infra/metadata/user/ShardingSphereUser.java | 4 +
...DatabasePermittedAuthorityRegistryProvider.java | 55 +++++++++-
.../database/builder/DatabasePrivilegeBuilder.java | 112 ---------------------
.../privilege/DatabasePermittedPrivileges.java | 3 +-
...Privileges.java => AllPermittedPrivileges.java} | 2 +-
.../registry/AllPermittedAuthorityRegistry.java | 4 +-
...esTest.java => AllPermittedPrivilegesTest.java} | 4 +-
.../pipeline/cdc/context/CDCConnectionContext.java | 2 +-
.../admin/executor/ShowDatabasesExecutorTest.java | 4 +-
.../MySQLAuthenticationEngineTest.java | 4 +-
10 files changed, 68 insertions(+), 126 deletions(-)
diff --git
a/infra/common/src/main/java/org/apache/shardingsphere/infra/metadata/user/ShardingSphereUser.java
b/infra/common/src/main/java/org/apache/shardingsphere/infra/metadata/user/ShardingSphereUser.java
index 771f6be71db..7ca5013f775 100644
---
a/infra/common/src/main/java/org/apache/shardingsphere/infra/metadata/user/ShardingSphereUser.java
+++
b/infra/common/src/main/java/org/apache/shardingsphere/infra/metadata/user/ShardingSphereUser.java
@@ -33,6 +33,10 @@ public final class ShardingSphereUser {
private final String authenticationMethodName;
+ public ShardingSphereUser(final String grantee) {
+ this(grantee.substring(0, grantee.indexOf('@')), "",
grantee.substring(grantee.indexOf('@') + 1));
+ }
+
public ShardingSphereUser(final String username, final String password,
final String hostname) {
this(username, password, hostname, "");
}
diff --git
a/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/database/DatabasePermittedAuthorityRegistryProvider.java
b/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/database/DatabasePermittedAuthorityRegistryProvider.java
index a2c77eaf2e5..cbc1aa71e25 100644
---
a/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/database/DatabasePermittedAuthorityRegistryProvider.java
+++
b/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/database/DatabasePermittedAuthorityRegistryProvider.java
@@ -17,15 +17,24 @@
package org.apache.shardingsphere.authority.provider.database;
+import com.google.common.base.Preconditions;
import org.apache.shardingsphere.authority.model.AuthorityRegistry;
-import
org.apache.shardingsphere.authority.provider.database.builder.DatabasePrivilegeBuilder;
+import org.apache.shardingsphere.authority.model.ShardingSpherePrivileges;
+import
org.apache.shardingsphere.authority.provider.database.model.privilege.DatabasePermittedPrivileges;
import
org.apache.shardingsphere.authority.registry.UserPrivilegeMapAuthorityRegistry;
import org.apache.shardingsphere.authority.spi.AuthorityRegistryProvider;
+import org.apache.shardingsphere.infra.metadata.user.Grantee;
import org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
+import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Map.Entry;
import java.util.Properties;
+import java.util.stream.Collectors;
/**
* Database permitted authority registry provider.
@@ -43,7 +52,49 @@ public final class
DatabasePermittedAuthorityRegistryProvider implements Authori
@Override
public AuthorityRegistry build(final Collection<ShardingSphereUser> users)
{
- return new
UserPrivilegeMapAuthorityRegistry(DatabasePrivilegeBuilder.build(users, props));
+ String userDatabaseMappings =
props.getProperty(DatabasePermittedAuthorityRegistryProvider.PROP_USER_DATABASE_MAPPINGS,
"");
+ checkDatabases(userDatabaseMappings);
+ return new UserPrivilegeMapAuthorityRegistry(buildPrivileges(users,
convertUserDatabases(userDatabaseMappings)));
+ }
+
+ private void checkDatabases(final String userDatabaseMappings) {
+ Preconditions.checkArgument(!"".equals(userDatabaseMappings),
"user-database-mappings configuration `%s` can not be null",
userDatabaseMappings);
+ Arrays.stream(userDatabaseMappings.split(",")).forEach(each ->
Preconditions.checkArgument(each.contains("@") && each.contains("="),
+ "user-database-mappings configuration `%s` is invalid, the
configuration format should be like `username@hostname=database`", each));
+ }
+
+ private Map<ShardingSphereUser, ShardingSpherePrivileges>
buildPrivileges(final Collection<ShardingSphereUser> users,
+
final Map<ShardingSphereUser, Collection<String>> userDatabaseMappings) {
+ return users.stream().collect(Collectors.toMap(each -> each, each ->
new DatabasePermittedPrivileges(getUserDatabases(each, userDatabaseMappings))));
+ }
+
+ private Collection<String> getUserDatabases(final ShardingSphereUser user,
final Map<ShardingSphereUser, Collection<String>> userDatabaseMappings) {
+ Collection<String> result = new HashSet<>();
+ for (Entry<ShardingSphereUser, Collection<String>> entry :
userDatabaseMappings.entrySet()) {
+ boolean isAnyOtherHost =
checkAnyOtherHost(entry.getKey().getGrantee(), user);
+ if (isAnyOtherHost || user.equals(entry.getKey())) {
+ result.addAll(entry.getValue());
+ }
+ }
+ return result;
+ }
+
+ private boolean checkAnyOtherHost(final Grantee grantee, final
ShardingSphereUser user) {
+ return ("%".equals(grantee.getHostname())
+ ||
grantee.getHostname().equals(user.getGrantee().getHostname())) &&
grantee.getUsername().equals(user.getGrantee().getUsername());
+ }
+
+ private Map<ShardingSphereUser, Collection<String>>
convertUserDatabases(final String userDatabaseMappings) {
+ String[] mappings = userDatabaseMappings.split(",");
+ Map<ShardingSphereUser, Collection<String>> result = new
HashMap<>(mappings.length, 1F);
+ for (String each : mappings) {
+ String[] userDatabasePair = each.trim().split("=");
+ ShardingSphereUser user = new
ShardingSphereUser(userDatabasePair[0]);
+ Collection<String> databases = result.getOrDefault(user, new
HashSet<>());
+ databases.add(userDatabasePair[1]);
+ result.putIfAbsent(user, databases);
+ }
+ return result;
}
@Override
diff --git
a/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/database/builder/DatabasePrivilegeBuilder.java
b/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/database/builder/DatabasePrivilegeBuilder.java
deleted file mode 100644
index 939b7efdf2c..00000000000
---
a/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/database/builder/DatabasePrivilegeBuilder.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.shardingsphere.authority.provider.database.builder;
-
-import com.google.common.base.Preconditions;
-import lombok.AccessLevel;
-import lombok.NoArgsConstructor;
-import org.apache.shardingsphere.authority.model.ShardingSpherePrivileges;
-import
org.apache.shardingsphere.authority.provider.database.DatabasePermittedAuthorityRegistryProvider;
-import
org.apache.shardingsphere.authority.provider.database.model.privilege.DatabasePermittedPrivileges;
-import org.apache.shardingsphere.infra.metadata.user.Grantee;
-import org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
-
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Map.Entry;
-import java.util.Properties;
-import java.util.Set;
-
-/**
- * Database privilege builder.
- */
-@NoArgsConstructor(access = AccessLevel.PRIVATE)
-public final class DatabasePrivilegeBuilder {
-
- /**
- * Build privileges.
- *
- * @param users users
- * @param props props
- * @return privileges
- */
- public static Map<ShardingSphereUser, ShardingSpherePrivileges>
build(final Collection<ShardingSphereUser> users, final Properties props) {
- String mappingProp =
props.getProperty(DatabasePermittedAuthorityRegistryProvider.PROP_USER_DATABASE_MAPPINGS,
"");
- checkDatabases(mappingProp);
- return buildPrivileges(users, mappingProp);
- }
-
- /**
- * Check databases.
- *
- * @param mappingProp user database mapping props
- */
- private static void checkDatabases(final String mappingProp) {
- Preconditions.checkArgument(!"".equals(mappingProp),
"user-database-mappings configuration `%s` can not be null", mappingProp);
- Arrays.stream(mappingProp.split(",")).forEach(each ->
Preconditions.checkArgument(each.contains("@") && each.contains("="),
- "user-database-mappings configuration `%s` is invalid, the
configuration format should be like `username@hostname=database`", each));
- }
-
- private static Map<ShardingSphereUser, ShardingSpherePrivileges>
buildPrivileges(final Collection<ShardingSphereUser> users, final String
mappingProp) {
- Map<ShardingSphereUser, Collection<String>> userDatabaseMappings =
convertDatabases(mappingProp);
- Map<ShardingSphereUser, ShardingSpherePrivileges> result = new
HashMap<>(users.size(), 1F);
- users.forEach(each -> result.put(each, new
DatabasePermittedPrivileges(new HashSet<>(getUserDatabases(each,
userDatabaseMappings)))));
- return result;
- }
-
- /**
- * Convert databases.
- *
- * @param mappingProp user database mapping props
- * @return user database mapping map
- */
- private static Map<ShardingSphereUser, Collection<String>>
convertDatabases(final String mappingProp) {
- String[] mappings = mappingProp.split(",");
- Map<ShardingSphereUser, Collection<String>> result = new
HashMap<>(mappings.length, 1F);
- Arrays.asList(mappings).forEach(each -> {
- String[] userDatabasePair = each.trim().split("=");
- String yamlUser = userDatabasePair[0];
- String username = yamlUser.substring(0, yamlUser.indexOf('@'));
- String hostname = yamlUser.substring(yamlUser.indexOf('@') + 1);
- ShardingSphereUser shardingSphereUser = new
ShardingSphereUser(username, "", hostname);
- Collection<String> databases =
result.getOrDefault(shardingSphereUser, new HashSet<>());
- databases.add(userDatabasePair[1]);
- result.putIfAbsent(shardingSphereUser, databases);
- });
- return result;
- }
-
- private static Collection<String> getUserDatabases(final
ShardingSphereUser shardingSphereUser, final Map<ShardingSphereUser,
Collection<String>> userDatabaseMappings) {
- Set<String> result = new HashSet<>();
- for (Entry<ShardingSphereUser, Collection<String>> entry :
userDatabaseMappings.entrySet()) {
- boolean isAnyOtherHost =
checkAnyOtherHost(entry.getKey().getGrantee(), shardingSphereUser);
- if (isAnyOtherHost || shardingSphereUser.equals(entry.getKey())) {
- result.addAll(entry.getValue());
- }
- }
- return result;
- }
-
- private static boolean checkAnyOtherHost(final Grantee grantee, final
ShardingSphereUser shardingSphereUser) {
- return ("%".equals(grantee.getHostname())
- ||
grantee.getHostname().equals(shardingSphereUser.getGrantee().getHostname())) &&
grantee.getUsername().equals(shardingSphereUser.getGrantee().getUsername());
- }
-}
diff --git
a/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/database/model/privilege/DatabasePermittedPrivileges.java
b/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/database/model/privilege/DatabasePermittedPrivileges.java
index faf48edacd3..f8e97eb9662 100644
---
a/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/database/model/privilege/DatabasePermittedPrivileges.java
+++
b/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/database/model/privilege/DatabasePermittedPrivileges.java
@@ -24,7 +24,6 @@ import
org.apache.shardingsphere.authority.model.ShardingSpherePrivileges;
import
org.apache.shardingsphere.authority.provider.database.model.subject.DatabaseAccessSubject;
import java.util.Collection;
-import java.util.Set;
/**
* Database permitted privileges.
@@ -34,7 +33,7 @@ public final class DatabasePermittedPrivileges implements
ShardingSpherePrivileg
private static final String KEY_SUPER = "*";
- private final Set<String> databases;
+ private final Collection<String> databases;
@Override
public boolean hasPrivileges(final String database) {
diff --git
a/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/simple/model/privilege/AllPrivilegesPermittedShardingSpherePrivileges.java
b/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/simple/model/privilege/AllPermittedPrivileges.java
similarity index 93%
rename from
kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/simple/model/privilege/AllPrivilegesPermittedShardingSpherePrivileges.java
rename to
kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/simple/model/privilege/AllPermittedPrivileges.java
index 7398d53cfa2..78f8d4bedd6 100644
---
a/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/simple/model/privilege/AllPrivilegesPermittedShardingSpherePrivileges.java
+++
b/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/provider/simple/model/privilege/AllPermittedPrivileges.java
@@ -26,7 +26,7 @@ import java.util.Collection;
/**
* All permitted privileges.
*/
-public final class AllPrivilegesPermittedShardingSpherePrivileges implements
ShardingSpherePrivileges {
+public final class AllPermittedPrivileges implements ShardingSpherePrivileges {
@Override
public boolean hasPrivileges(final String database) {
diff --git
a/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/registry/AllPermittedAuthorityRegistry.java
b/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/registry/AllPermittedAuthorityRegistry.java
index 36bd1b36b8a..07e2019f677 100644
---
a/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/registry/AllPermittedAuthorityRegistry.java
+++
b/kernel/authority/core/src/main/java/org/apache/shardingsphere/authority/registry/AllPermittedAuthorityRegistry.java
@@ -19,7 +19,7 @@ package org.apache.shardingsphere.authority.registry;
import org.apache.shardingsphere.authority.model.AuthorityRegistry;
import org.apache.shardingsphere.authority.model.ShardingSpherePrivileges;
-import
org.apache.shardingsphere.authority.provider.simple.model.privilege.AllPrivilegesPermittedShardingSpherePrivileges;
+import
org.apache.shardingsphere.authority.provider.simple.model.privilege.AllPermittedPrivileges;
import org.apache.shardingsphere.infra.metadata.user.Grantee;
import java.util.Optional;
@@ -29,7 +29,7 @@ import java.util.Optional;
*/
public final class AllPermittedAuthorityRegistry implements AuthorityRegistry {
- private static final ShardingSpherePrivileges INSTANCE = new
AllPrivilegesPermittedShardingSpherePrivileges();
+ private static final ShardingSpherePrivileges INSTANCE = new
AllPermittedPrivileges();
@Override
public Optional<ShardingSpherePrivileges> findPrivileges(final Grantee
grantee) {
diff --git
a/kernel/authority/core/src/test/java/org/apache/shardingsphere/authority/provider/simple/model/privilege/AllPrivilegesPermittedShardingSpherePrivilegesTest.java
b/kernel/authority/core/src/test/java/org/apache/shardingsphere/authority/provider/simple/model/privilege/AllPermittedPrivilegesTest.java
similarity index 90%
rename from
kernel/authority/core/src/test/java/org/apache/shardingsphere/authority/provider/simple/model/privilege/AllPrivilegesPermittedShardingSpherePrivilegesTest.java
rename to
kernel/authority/core/src/test/java/org/apache/shardingsphere/authority/provider/simple/model/privilege/AllPermittedPrivilegesTest.java
index 52e16588379..d506369eda3 100644
---
a/kernel/authority/core/src/test/java/org/apache/shardingsphere/authority/provider/simple/model/privilege/AllPrivilegesPermittedShardingSpherePrivilegesTest.java
+++
b/kernel/authority/core/src/test/java/org/apache/shardingsphere/authority/provider/simple/model/privilege/AllPermittedPrivilegesTest.java
@@ -25,11 +25,11 @@ import java.util.Collections;
import static org.junit.jupiter.api.Assertions.assertTrue;
-class AllPrivilegesPermittedShardingSpherePrivilegesTest {
+class AllPermittedPrivilegesTest {
@Test
void assertFindPrivileges() {
- ShardingSpherePrivileges actual = new
AllPrivilegesPermittedShardingSpherePrivileges();
+ ShardingSpherePrivileges actual = new AllPermittedPrivileges();
assertTrue(actual.hasPrivileges("testSchema"));
assertTrue(actual.hasPrivileges(Collections.emptyList()));
assertTrue(actual.hasPrivileges(new
DatabaseAccessSubject("testSchema"), Collections.emptyList()));
diff --git
a/kernel/data-pipeline/scenario/cdc/core/src/main/java/org/apache/shardingsphere/data/pipeline/cdc/context/CDCConnectionContext.java
b/kernel/data-pipeline/scenario/cdc/core/src/main/java/org/apache/shardingsphere/data/pipeline/cdc/context/CDCConnectionContext.java
index 49c796ffb78..51be8763011 100644
---
a/kernel/data-pipeline/scenario/cdc/core/src/main/java/org/apache/shardingsphere/data/pipeline/cdc/context/CDCConnectionContext.java
+++
b/kernel/data-pipeline/scenario/cdc/core/src/main/java/org/apache/shardingsphere/data/pipeline/cdc/context/CDCConnectionContext.java
@@ -25,9 +25,9 @@ import
org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
/**
* CDC connection context.
*/
+@RequiredArgsConstructor
@Getter
@Setter
-@RequiredArgsConstructor
public final class CDCConnectionContext {
private final ShardingSphereUser currentUser;
diff --git
a/proxy/backend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/backend/mysql/handler/admin/executor/ShowDatabasesExecutorTest.java
b/proxy/backend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/backend/mysql/handler/admin/executor/ShowDatabasesExecutorTest.java
index 65680547678..226787979e3 100644
---
a/proxy/backend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/backend/mysql/handler/admin/executor/ShowDatabasesExecutorTest.java
+++
b/proxy/backend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/backend/mysql/handler/admin/executor/ShowDatabasesExecutorTest.java
@@ -17,7 +17,7 @@
package org.apache.shardingsphere.proxy.backend.mysql.handler.admin.executor;
-import
org.apache.shardingsphere.authority.provider.simple.model.privilege.AllPrivilegesPermittedShardingSpherePrivileges;
+import
org.apache.shardingsphere.authority.provider.simple.model.privilege.AllPermittedPrivileges;
import org.apache.shardingsphere.authority.rule.AuthorityRule;
import org.apache.shardingsphere.infra.config.props.ConfigurationProperties;
import org.apache.shardingsphere.infra.database.core.type.DatabaseType;
@@ -190,7 +190,7 @@ class ShowDatabasesExecutorTest {
private AuthorityRule mockAuthorityRule() {
AuthorityRule result = mock(AuthorityRule.class);
- when(result.findPrivileges(new Grantee("root",
""))).thenReturn(Optional.of(new
AllPrivilegesPermittedShardingSpherePrivileges()));
+ when(result.findPrivileges(new Grantee("root",
""))).thenReturn(Optional.of(new AllPermittedPrivileges()));
return result;
}
diff --git
a/proxy/frontend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/authentication/MySQLAuthenticationEngineTest.java
b/proxy/frontend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/authentication/MySQLAuthenticationEngineTest.java
index 563918e64e6..8d46506e622 100644
---
a/proxy/frontend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/authentication/MySQLAuthenticationEngineTest.java
+++
b/proxy/frontend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/authentication/MySQLAuthenticationEngineTest.java
@@ -23,7 +23,7 @@ import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelPipeline;
import io.netty.util.Attribute;
import lombok.SneakyThrows;
-import
org.apache.shardingsphere.authority.provider.simple.model.privilege.AllPrivilegesPermittedShardingSpherePrivileges;
+import
org.apache.shardingsphere.authority.provider.simple.model.privilege.AllPermittedPrivileges;
import org.apache.shardingsphere.authority.rule.AuthorityRule;
import org.apache.shardingsphere.db.protocol.constant.CommonConstants;
import
org.apache.shardingsphere.db.protocol.mysql.constant.MySQLCapabilityFlag;
@@ -170,7 +170,7 @@ class MySQLAuthenticationEngineTest {
AuthorityRule rule = mock(AuthorityRule.class);
ShardingSphereUser user = new ShardingSphereUser("root", "",
"127.0.0.1");
when(rule.findUser(user.getGrantee())).thenReturn(Optional.of(user));
-
when(rule.findPrivileges(user.getGrantee())).thenReturn(Optional.of(new
AllPrivilegesPermittedShardingSpherePrivileges()));
+
when(rule.findPrivileges(user.getGrantee())).thenReturn(Optional.of(new
AllPermittedPrivileges()));
when(rule.getAuthenticatorType(any())).thenReturn("");
ContextManager contextManager = mockContextManager(rule);
when(ProxyContext.getInstance().getContextManager()).thenReturn(contextManager);
