This is an automated email from the ASF dual-hosted git repository.
duanzhengqiang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new b83aec32ce8 Refactor EncryptConditionEngine. (#36883)
b83aec32ce8 is described below
commit b83aec32ce8e87246cdea9b8280357ecefcf693b
Author: Cong Hu <[email protected]>
AuthorDate: Wed Oct 15 21:33:47 2025 +0800
Refactor EncryptConditionEngine. (#36883)
---
.../rewrite/condition/EncryptConditionEngine.java | 31 +++++++++++----------
.../EncryptPredicateFunctionRightValueToken.java | 2 +-
...ncryptPredicateFunctionRightValueTokenTest.java | 4 +--
.../dml/select/select-subquery.xml | 2 +-
.../query-with-cipher/dml/select/select-where.xml | 32 +++++++++++-----------
5 files changed, 36 insertions(+), 35 deletions(-)
diff --git
a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/condition/EncryptConditionEngine.java
b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/condition/EncryptConditionEngine.java
index 60be32ce493..036b349a192 100644
---
a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/condition/EncryptConditionEngine.java
+++
b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/condition/EncryptConditionEngine.java
@@ -40,6 +40,7 @@ import
org.apache.shardingsphere.sql.parser.statement.core.segment.dml.expr.subq
import
org.apache.shardingsphere.sql.parser.statement.core.segment.dml.predicate.WhereSegment;
import java.util.Collection;
+import java.util.Collections;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
@@ -107,7 +108,7 @@ public final class EncryptConditionEngine {
String tableName =
each.getColumnBoundInfo().getOriginalTable().getValue();
Optional<EncryptTable> encryptTable =
rule.findEncryptTable(tableName);
if (encryptTable.isPresent() &&
encryptTable.get().isEncryptColumn(each.getColumnBoundInfo().getOriginalColumn().getValue()))
{
- createEncryptCondition(expression,
tableName).ifPresent(encryptConditions::add);
+ encryptConditions.addAll(createEncryptCondition(expression,
tableName));
}
}
}
@@ -130,7 +131,7 @@ public final class EncryptConditionEngine {
return "NULL".equalsIgnoreCase(literals) || "NOT
NULL".equalsIgnoreCase(literals);
}
- private Optional<EncryptCondition> createEncryptCondition(final
ExpressionSegment expression, final String tableName) {
+ private Collection<EncryptCondition> createEncryptCondition(final
ExpressionSegment expression, final String tableName) {
if (expression instanceof BinaryOperationExpression) {
return createBinaryEncryptCondition((BinaryOperationExpression)
expression, tableName);
}
@@ -140,36 +141,36 @@ public final class EncryptConditionEngine {
if (expression instanceof BetweenExpression) {
throw new UnsupportedEncryptSQLException("BETWEEN...AND...");
}
- return Optional.empty();
+ return Collections.emptyList();
}
- private Optional<EncryptCondition> createBinaryEncryptCondition(final
BinaryOperationExpression expression, final String tableName) {
+ private Collection<EncryptCondition> createBinaryEncryptCondition(final
BinaryOperationExpression expression, final String tableName) {
String operator = expression.getOperator();
if (LOGICAL_OPERATORS.contains(operator)) {
- return Optional.empty();
+ return Collections.emptyList();
}
ShardingSpherePreconditions.checkContains(SUPPORTED_COMPARE_OPERATORS,
operator, () -> new UnsupportedEncryptSQLException(operator));
return createCompareEncryptCondition(tableName, expression);
}
- private Optional<EncryptCondition> createCompareEncryptCondition(final
String tableName, final BinaryOperationExpression expression) {
+ private Collection<EncryptCondition> createCompareEncryptCondition(final
String tableName, final BinaryOperationExpression expression) {
if (isLeftRightContainsSubquerySegment(expression)) {
- return Optional.empty();
+ return Collections.emptyList();
}
Optional<ColumnSegment> columnSegment =
Optional.ofNullable(isCompareValueSegment(expression.getLeft()) ?
expression.getRight() :
expression.getLeft()).filter(ColumnSegment.class::isInstance)
.map(ColumnSegment.class::cast);
if (!columnSegment.isPresent()) {
- return Optional.empty();
+ return Collections.emptyList();
}
ExpressionSegment compareValueSegment =
isCompareValueSegment(expression.getLeft()) ? expression.getLeft() :
expression.getRight();
if (compareValueSegment instanceof SimpleExpressionSegment) {
- return
Optional.of(createEncryptBinaryOperationCondition(tableName, expression,
columnSegment.get(), compareValueSegment));
+ return
Collections.singleton(createEncryptBinaryOperationCondition(tableName,
expression, columnSegment.get(), compareValueSegment));
}
if (compareValueSegment instanceof ListExpression) {
// TODO check this logic when items contain multiple values
@duanzhengqiang
- return
Optional.of(createEncryptBinaryOperationCondition(tableName, expression,
columnSegment.get(), ((ListExpression) compareValueSegment).getItems().get(0)));
+ return
Collections.singleton(createEncryptBinaryOperationCondition(tableName,
expression, columnSegment.get(), ((ListExpression)
compareValueSegment).getItems().get(0)));
}
- return Optional.empty();
+ return Collections.emptyList();
}
private boolean isCompareValueSegment(final ExpressionSegment
expressionSegment) {
@@ -185,9 +186,9 @@ public final class EncryptConditionEngine {
return new EncryptBinaryCondition(columnSegment, tableName,
expression.getOperator(), compareValueSegment.getStartIndex(),
compareValueSegment.getStopIndex(), compareValueSegment);
}
- private static Optional<EncryptCondition> createInEncryptCondition(final
String tableName, final InExpression inExpression, final ExpressionSegment
inRightValue) {
+ private static Collection<EncryptCondition> createInEncryptCondition(final
String tableName, final InExpression inExpression, final ExpressionSegment
inRightValue) {
if (!(inExpression.getLeft() instanceof ColumnSegment)) {
- return Optional.empty();
+ return Collections.emptyList();
}
List<ExpressionSegment> expressionSegments = new LinkedList<>();
for (ExpressionSegment each : inExpression.getExpressionList()) {
@@ -196,9 +197,9 @@ public final class EncryptConditionEngine {
}
}
if (expressionSegments.isEmpty()) {
- return Optional.empty();
+ return Collections.emptyList();
}
ColumnSegment columnSegment = (ColumnSegment) inExpression.getLeft();
- return Optional.of(new EncryptInCondition(columnSegment, tableName,
inRightValue.getStartIndex(), inRightValue.getStopIndex(), expressionSegments));
+ return Collections.singleton(new EncryptInCondition(columnSegment,
tableName, inRightValue.getStartIndex(), inRightValue.getStopIndex(),
expressionSegments));
}
}
diff --git
a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/pojo/EncryptPredicateFunctionRightValueToken.java
b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/pojo/EncryptPredicateFunctionRightValueToken.java
index 00bf98a5703..7686bce76b8 100644
---
a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/pojo/EncryptPredicateFunctionRightValueToken.java
+++
b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/pojo/EncryptPredicateFunctionRightValueToken.java
@@ -64,7 +64,7 @@ public final class EncryptPredicateFunctionRightValueToken
extends SQLToken impl
}
private void appendFunctionSegment(final String functionName, final
Collection<ExpressionSegment> parameters, final StringBuilder builder, final
AtomicInteger parameterIndex) {
- builder.append(functionName).append(" (");
+ builder.append(functionName).append("(");
for (ExpressionSegment each : parameters) {
if (each instanceof FunctionSegment) {
appendFunctionSegment(((FunctionSegment)
each).getFunctionName(), ((FunctionSegment) each).getParameters(), builder,
parameterIndex);
diff --git
a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/pojo/EncryptPredicateFunctionRightValueTokenTest.java
b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/pojo/EncryptPredicateFunctionRightValueTokenTest.java
index 1fd82aa450a..cdc607cda11 100644
---
a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/pojo/EncryptPredicateFunctionRightValueTokenTest.java
+++
b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/pojo/EncryptPredicateFunctionRightValueTokenTest.java
@@ -42,7 +42,7 @@ class EncryptPredicateFunctionRightValueTokenTest {
functionSegment.getParameters().add(new LiteralExpressionSegment(0, 0,
"%"));
EncryptPredicateFunctionRightValueToken actual =
new EncryptPredicateFunctionRightValueToken(0, 0,
functionSegment.getFunctionName(), functionSegment.getParameters(),
indexValues, Collections.emptyList());
- assertThat(actual.toString(), is("CONCAT ('%', 'abc', '%')"));
+ assertThat(actual.toString(), is("CONCAT('%', 'abc', '%')"));
}
@Test
@@ -59,6 +59,6 @@ class EncryptPredicateFunctionRightValueTokenTest {
functionSegment.getParameters().add(nestedFunctionSegment);
EncryptPredicateFunctionRightValueToken actual =
new EncryptPredicateFunctionRightValueToken(0, 0,
functionSegment.getFunctionName(), functionSegment.getParameters(),
indexValues, Collections.emptyList());
- assertThat(actual.toString(), is("CONCAT ('%', CONCAT ('abc', '%'))"));
+ assertThat(actual.toString(), is("CONCAT('%', CONCAT('abc', '%'))"));
}
}
diff --git
a/test/it/rewriter/src/test/resources/scenario/encrypt/case/query-with-cipher/dml/select/select-subquery.xml
b/test/it/rewriter/src/test/resources/scenario/encrypt/case/query-with-cipher/dml/select/select-subquery.xml
index ec94d4dd96f..541ec7a0801 100644
---
a/test/it/rewriter/src/test/resources/scenario/encrypt/case/query-with-cipher/dml/select/select-subquery.xml
+++
b/test/it/rewriter/src/test/resources/scenario/encrypt/case/query-with-cipher/dml/select/select-subquery.xml
@@ -109,6 +109,6 @@
<rewrite-assertion id="select_concat_in_subquery" db-types="MySQL">
<input sql="SELECT COUNT(*) FROM (SELECT * FROM (SELECT password FROM
t_account WHERE password like concat('%', 'zhangsan', '%')) t) TOTAL" />
- <output sql="SELECT COUNT(*) FROM (SELECT t.password_CIPHER,
t.password_ASSISTED, t.password_LIKE FROM (SELECT cipher_password AS
password_CIPHER, assisted_query_password AS password_ASSISTED,
like_query_password AS password_LIKE FROM t_account WHERE `like_query_password`
like concat ('like_query_%', 'like_query_zhangsan', 'like_query_%')) t) TOTAL"
/>
+ <output sql="SELECT COUNT(*) FROM (SELECT t.password_CIPHER,
t.password_ASSISTED, t.password_LIKE FROM (SELECT cipher_password AS
password_CIPHER, assisted_query_password AS password_ASSISTED,
like_query_password AS password_LIKE FROM t_account WHERE `like_query_password`
like concat('like_query_%', 'like_query_zhangsan', 'like_query_%')) t) TOTAL" />
</rewrite-assertion>
</rewrite-assertions>
diff --git
a/test/it/rewriter/src/test/resources/scenario/encrypt/case/query-with-cipher/dml/select/select-where.xml
b/test/it/rewriter/src/test/resources/scenario/encrypt/case/query-with-cipher/dml/select/select-where.xml
index 9b0f94215b0..1f6a0807e8b 100644
---
a/test/it/rewriter/src/test/resources/scenario/encrypt/case/query-with-cipher/dml/select/select-where.xml
+++
b/test/it/rewriter/src/test/resources/scenario/encrypt/case/query-with-cipher/dml/select/select-where.xml
@@ -82,43 +82,43 @@
</rewrite-assertion>
<rewrite-assertion
id="select_where_with_cipher_column_like_concat_for_parameters"
db-types="MySQL">
- <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat ('%', ? ,'%')" parameters="abc" />
- <output sql="SELECT a.account_id, a.`cipher_password` AS password,
a.`cipher_amount` AS a, a.status AS s FROM t_account_bak a WHERE a.account_id =
1 AND a.`like_query_certificate_number` like concat ('like_query_%', ?,
'like_query_%')" parameters="like_query_abc" />
+ <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat('%', ? ,'%')" parameters="abc" />
+ <output sql="SELECT a.account_id, a.`cipher_password` AS password,
a.`cipher_amount` AS a, a.status AS s FROM t_account_bak a WHERE a.account_id =
1 AND a.`like_query_certificate_number` like concat('like_query_%', ?,
'like_query_%')" parameters="like_query_abc" />
</rewrite-assertion>
<rewrite-assertion
id="select_where_with_cipher_column_like_concat_for_parameters"
db-types="PostgreSQL,openGauss">
- <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat ('%', ? ,'%')" parameters="abc" />
- <output sql="SELECT a.account_id, a."cipher_password" AS
password, a."cipher_amount" AS a, a.status AS s FROM t_account_bak a
WHERE a.account_id = 1 AND a."like_query_certificate_number" like
concat ('like_query_%', ?, 'like_query_%')" parameters="like_query_abc" />
+ <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat('%', ? ,'%')" parameters="abc" />
+ <output sql="SELECT a.account_id, a."cipher_password" AS
password, a."cipher_amount" AS a, a.status AS s FROM t_account_bak a
WHERE a.account_id = 1 AND a."like_query_certificate_number" like
concat('like_query_%', ?, 'like_query_%')" parameters="like_query_abc" />
</rewrite-assertion>
<rewrite-assertion
id="select_where_with_cipher_column_like_concat_for_literals" db-types="MySQL">
- <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat ('%','abc','%')" />
- <output sql="SELECT a.account_id, a.`cipher_password` AS password,
a.`cipher_amount` AS a, a.status AS s FROM t_account_bak a WHERE a.account_id =
1 AND a.`like_query_certificate_number` like concat ('like_query_%',
'like_query_abc', 'like_query_%')" />
+ <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat('%','abc','%')" />
+ <output sql="SELECT a.account_id, a.`cipher_password` AS password,
a.`cipher_amount` AS a, a.status AS s FROM t_account_bak a WHERE a.account_id =
1 AND a.`like_query_certificate_number` like concat('like_query_%',
'like_query_abc', 'like_query_%')" />
</rewrite-assertion>
<rewrite-assertion
id="select_where_with_cipher_column_like_concat_for_literals"
db-types="PostgreSQL,openGauss">
- <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat ('%','abc','%')" />
- <output sql="SELECT a.account_id, a."cipher_password" AS
password, a."cipher_amount" AS a, a.status AS s FROM t_account_bak a
WHERE a.account_id = 1 AND a."like_query_certificate_number" like
concat ('like_query_%', 'like_query_abc', 'like_query_%')" />
+ <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat('%','abc','%')" />
+ <output sql="SELECT a.account_id, a."cipher_password" AS
password, a."cipher_amount" AS a, a.status AS s FROM t_account_bak a
WHERE a.account_id = 1 AND a."like_query_certificate_number" like
concat('like_query_%', 'like_query_abc', 'like_query_%')" />
</rewrite-assertion>
<rewrite-assertion
id="select_where_with_cipher_column_like_nested_concat_for_parameters"
db-types="MySQL">
- <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat (concat('', '%'), concat(?, '%'))" parameters="abc" />
- <output sql="SELECT a.account_id, a.`cipher_password` AS password,
a.`cipher_amount` AS a, a.status AS s FROM t_account_bak a WHERE a.account_id =
1 AND a.`like_query_certificate_number` like concat (concat ('like_query_',
'like_query_%'), concat (?, 'like_query_%'))" parameters="like_query_abc" />
+ <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat(concat('', '%'), concat(?, '%'))" parameters="abc" />
+ <output sql="SELECT a.account_id, a.`cipher_password` AS password,
a.`cipher_amount` AS a, a.status AS s FROM t_account_bak a WHERE a.account_id =
1 AND a.`like_query_certificate_number` like concat(concat('like_query_',
'like_query_%'), concat(?, 'like_query_%'))" parameters="like_query_abc" />
</rewrite-assertion>
<rewrite-assertion
id="select_where_with_cipher_column_like_nested_concat_for_parameters"
db-types="PostgreSQL,openGauss">
- <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat (concat('', '%'), concat(?, '%'))" parameters="abc" />
- <output sql="SELECT a.account_id, a."cipher_password" AS
password, a."cipher_amount" AS a, a.status AS s FROM t_account_bak a
WHERE a.account_id = 1 AND a."like_query_certificate_number" like
concat (concat ('like_query_', 'like_query_%'), concat (?, 'like_query_%'))"
parameters="like_query_abc" />
+ <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat(concat('', '%'), concat(?, '%'))" parameters="abc" />
+ <output sql="SELECT a.account_id, a."cipher_password" AS
password, a."cipher_amount" AS a, a.status AS s FROM t_account_bak a
WHERE a.account_id = 1 AND a."like_query_certificate_number" like
concat(concat('like_query_', 'like_query_%'), concat(?, 'like_query_%'))"
parameters="like_query_abc" />
</rewrite-assertion>
<rewrite-assertion
id="select_where_with_cipher_column_like_nested_concat_for_literals"
db-types="MySQL">
- <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat (concat('', '%'), concat('abc', '%'))" />
- <output sql="SELECT a.account_id, a.`cipher_password` AS password,
a.`cipher_amount` AS a, a.status AS s FROM t_account_bak a WHERE a.account_id =
1 AND a.`like_query_certificate_number` like concat (concat ('like_query_',
'like_query_%'), concat ('like_query_abc', 'like_query_%'))" />
+ <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat(concat('', '%'), concat('abc', '%'))" />
+ <output sql="SELECT a.account_id, a.`cipher_password` AS password,
a.`cipher_amount` AS a, a.status AS s FROM t_account_bak a WHERE a.account_id =
1 AND a.`like_query_certificate_number` like concat(concat('like_query_',
'like_query_%'), concat('like_query_abc', 'like_query_%'))" />
</rewrite-assertion>
<rewrite-assertion
id="select_where_with_cipher_column_like_nested_concat_for_literals"
db-types="PostgreSQL,openGauss">
- <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat (concat('', '%'), concat('abc', '%'))" />
- <output sql="SELECT a.account_id, a."cipher_password" AS
password, a."cipher_amount" AS a, a.status AS s FROM t_account_bak a
WHERE a.account_id = 1 AND a."like_query_certificate_number" like
concat (concat ('like_query_', 'like_query_%'), concat ('like_query_abc',
'like_query_%'))" />
+ <input sql="SELECT a.account_id, a.password, a.amount AS a, a.status
AS s FROM t_account_bak a WHERE a.account_id = 1 AND a.certificate_number like
concat(concat('', '%'), concat('abc', '%'))" />
+ <output sql="SELECT a.account_id, a."cipher_password" AS
password, a."cipher_amount" AS a, a.status AS s FROM t_account_bak a
WHERE a.account_id = 1 AND a."like_query_certificate_number" like
concat(concat('like_query_', 'like_query_%'), concat('like_query_abc',
'like_query_%'))" />
</rewrite-assertion>
<rewrite-assertion id="select_from_user_with_column_alias"
db-types="SQLServer">
