(shardingsphere) branch master updated: Mark ALL_PERMITTED privilege provider as deprecated (#33231)

Sun, 13 Oct 2024 08:31:11 -0700 

This is an automated email from the ASF dual-hosted git repository.

zhaojinchao pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git


The following commit(s) were added to refs/heads/master by this push:
     new 3789f0673c3 Mark ALL_PERMITTED privilege provider as deprecated 
(#33231)
3789f0673c3 is described below

commit 3789f0673c307431f53bfc4d09ae64a17adafdca
Author: Raigor <[email protected]>
AuthorDate: Sun Oct 13 23:30:58 2024 +0800

    Mark ALL_PERMITTED privilege provider as deprecated (#33231)
---
 .../yaml-config/authority.cn.md                    | 21 ++++++++++-----------
 .../yaml-config/authority.en.md                    | 22 ++++++++++------------
 .../simple/AllPermittedPrivilegeProvider.java      |  3 +++
 3 files changed, 23 insertions(+), 23 deletions(-)

diff --git 
a/docs/document/content/user-manual/shardingsphere-proxy/yaml-config/authority.cn.md
 
b/docs/document/content/user-manual/shardingsphere-proxy/yaml-config/authority.cn.md
index 6e760bff639..deeaf69aa47 100644
--- 
a/docs/document/content/user-manual/shardingsphere-proxy/yaml-config/authority.cn.md
+++ 
b/docs/document/content/user-manual/shardingsphere-proxy/yaml-config/authority.cn.md
@@ -9,8 +9,8 @@ weight = 1
 
 得益于 ShardingSphere 的可插拔架构,Proxy 提供了两种级别的权限提供者,分别是:
 
-- `ALL_PERMITTED`:每个用户都拥有所有权限,无需专门授权;
-- `DATABASE_PERMITTED`:为用户授予指定逻辑库的权限,通过 `user-database-mappings` 进行定义。
+- `ALL_PERMITTED`:每个用户都拥有所有权限,无需专门授权;(将在未来版本中删除)
+- `DATABASE_PERMITTED`:为用户授予指定逻辑库的权限,通过 `user-database-mappings` 进行定义。(推荐使用)
 
 在配置 `authority` 时,管理员可根据需要选择使用哪一种权限提供者。
 
@@ -79,7 +79,7 @@ authority:
 
 ### 授权配置
 
-#### ALL_PERMITTED
+#### ALL_PERMITTED (将在未来版本中删除)
 
 ```yaml
 authority:
@@ -97,26 +97,25 @@ authority:
 - 未定义 `authenticators` 和 `authenticationMethodName`,Proxy 将根据前端协议自动选择;
 - 指定权限提供者为 `ALL_PERMITTED`。
 
-#### DATABASE_PERMITTED
+#### DATABASE_PERMITTED (推荐使用)
 
 ```yaml
 authority:
   users:
     - user: [email protected]
       password: root
+      admin: true
     - user: sharding
       password: sharding
+    - user: test
+      password: sharding
   privilege:
     type: DATABASE_PERMITTED
     props:
-      user-database-mappings: [email protected]=*, sharding@%=test_db, 
sharding@%=sharding_db
+      user-database-mappings: sharding@%=*, test@%=test_db, test@%=sharding_db
 ```
 
 说明:
-- 定义了两个用户:`[email protected]` 和 `sharding`;
+- 定义了一个超级用户 `[email protected]` 和两个普通用户:`sharding` 和 `test`;
 - 未定义 `authenticators` 和 `authenticationMethodName`,Proxy 将根据前端协议自动选择;
-- 指定权限提供者为 `DATABASE_PERMITTED`,并授权 `[email protected]` 用户访问所有逻辑库(`*`),sharding 
用户仅能访问 test_db 和 sharding_db。
-
-## 相关参考
-
-权限提供者具体实现可以参考 
[权限提供者](/cn/user-manual/shardingsphere-proxy/yaml-config/authority/)。
+- 指定权限提供者为 `DATABASE_PERMITTED`,并授权 `sharding@%` 用户访问所有逻辑库(`*`),test 用户仅能访问 
test_db 和 sharding_db。
diff --git 
a/docs/document/content/user-manual/shardingsphere-proxy/yaml-config/authority.en.md
 
b/docs/document/content/user-manual/shardingsphere-proxy/yaml-config/authority.en.md
index 9746295376c..d6f8512469c 100644
--- 
a/docs/document/content/user-manual/shardingsphere-proxy/yaml-config/authority.en.md
+++ 
b/docs/document/content/user-manual/shardingsphere-proxy/yaml-config/authority.en.md
@@ -9,8 +9,8 @@ In ShardingSphere-Proxy, user authentication and authorization 
information is co
 
 Thanks to ShardingSphere's pluggable architecture, Proxy provides two levels 
of privilege providers, namely: 
 
-- `ALL_PERMITTED`: each user has all privileges without special authorization.
-- `DATABASE_PERMITTED`: grants the user privileges on the specified logical 
databases, defined by `user-database-mappings`.
+- `ALL_PERMITTED`: each user has all privileges without special authorization. 
(Will be removed in a future version)
+- `DATABASE_PERMITTED`: grants the user privileges on the specified logical 
databases, defined by `user-database-mappings`. (Recommended)
 
 The administrator can choose which privilege provider to use as needed when 
configuring `authority`. 
 
@@ -49,7 +49,6 @@ Explanation:
 - `authenticationMethodName` is not specified for `[email protected]`, Proxy will 
automatically choose the authentication method according to the frontend 
protocol;
 - Privilege provider is not specified, the default `ALL_PERMITTED` will be 
used;
 
-
 ### Authentication configuration
 
 The custom authentication configuration allows users to greater leeway to set 
their own custom configurations according to their scenarios. 
@@ -80,7 +79,7 @@ Explanation:
 
 ### Authorization configuration
 
-#### ALL_PERMITTED
+#### ALL_PERMITTED (Will be removed in a future version)
 
 ```yaml
 authority:
@@ -98,26 +97,25 @@ Explanation:
 - `authenticators` and `authenticationMethodName` are not defined, Proxy will 
automatically choose the authentication method according to the frontend 
protocol;
 - The privilege provider `ALL_PERMITTED` is specified.
 
-#### DATABASE_PERMITTED
+#### DATABASE_PERMITTED (Recommended)
 
 ```yaml
 authority:
   users:
     - user: [email protected]
       password: root
+      admin: true
     - user: sharding
       password: sharding
+    - user: test
+      password: sharding
   privilege:
     type: DATABASE_PERMITTED
     props:
-      user-database-mappings: [email protected]=*, sharding@%=test_db, 
sharding@%=sharding_db
+      user-database-mappings: sharding@%=*, test@%=test_db, test@%=sharding_db
 ```
 
 Explanation:
-- Two users are defined: `[email protected]` and `sharding`;
+- Three users are defined: `[email protected]`, `sharding` and `test`, which 
`[email protected]` is an admin user;
 - `authenticators` and `authenticationMethodName` are not defined, Proxy will 
automatically choose the authentication method according to the frontend 
protocol;
-- The privilege provider `DATABASE_PERMITTED` is specified, authorize 
`[email protected]` to access all logical databases (`*`), and user `sharding` can 
only access `test_db` and `sharding_db`.
-
-## Related References
-
-Please refer to [Authority 
Provider](/en/user-manual/shardingsphere-proxy/yaml-config/authority/) for the 
specific implementation of authority provider.
+- The privilege provider `DATABASE_PERMITTED` is specified, authorize 
`sharding@%` to access all logical databases (`*`), and user `test` can only 
access `test_db` and `sharding_db`.
diff --git 
a/kernel/authority/provider/simple/src/main/java/org/apache/shardingsphere/authority/provider/simple/AllPermittedPrivilegeProvider.java
 
b/kernel/authority/provider/simple/src/main/java/org/apache/shardingsphere/authority/provider/simple/AllPermittedPrivilegeProvider.java
index eb770dd0b97..895cca9ac2f 100644
--- 
a/kernel/authority/provider/simple/src/main/java/org/apache/shardingsphere/authority/provider/simple/AllPermittedPrivilegeProvider.java
+++ 
b/kernel/authority/provider/simple/src/main/java/org/apache/shardingsphere/authority/provider/simple/AllPermittedPrivilegeProvider.java
@@ -27,7 +27,10 @@ import java.util.Collections;
 
 /**
  * All permitted privilege provider.
+ *
+ * @deprecated Use DatabasePermittedPrivilegeProvider instead.
  */
+@Deprecated
 public final class AllPermittedPrivilegeProvider implements PrivilegeProvider {
     
     @Override

Reply via email to