Skip to content

Commit

Permalink
[INLONG-8567][Manager] Add new role INLONG_SERVICE for internal servi…
Browse files Browse the repository at this point in the history 
…ce query (#8568)
  • Loading branch information
@vernedeng
vernedeng authored Jul 19, 2023
1 parent cc7d015 commit 6bf6c69
Show file tree
Hide file tree
Showing 12 changed files with 405 additions and 128 deletions.
50 changes: 47 additions & 3 deletions ...r-dao/src/main/java/org/apache/inlong/manager/dao/interceptor/MultiTenantInterceptor.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
import org.apache.inlong.manager.pojo.user.UserInfo;

import lombok.extern.slf4j.Slf4j;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.ibatis.binding.MapperMethod;
import org.apache.ibatis.cache.CacheKey;
Expand All @@ -32,6 +33,7 @@
import org.apache.ibatis.mapping.BoundSql;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.mapping.ParameterMapping;
import org.apache.ibatis.ognl.ASTConst;
import org.apache.ibatis.plugin.Interceptor;
import org.apache.ibatis.plugin.Intercepts;
import org.apache.ibatis.plugin.Invocation;
Expand All @@ -44,8 +46,10 @@
import org.apache.ibatis.reflection.factory.ObjectFactory;
import org.apache.ibatis.reflection.wrapper.DefaultObjectWrapperFactory;
import org.apache.ibatis.reflection.wrapper.ObjectWrapperFactory;
import org.apache.ibatis.scripting.xmltags.OgnlCache;
import org.apache.ibatis.session.ResultHandler;
import org.apache.ibatis.session.RowBounds;
import org.apache.ibatis.type.StringTypeHandler;

import java.lang.reflect.Field;
import java.sql.PreparedStatement;
Expand All @@ -54,6 +58,8 @@
import java.util.Map;
import java.util.Properties;

import static org.apache.inlong.manager.pojo.user.UserRoleCode.INLONG_SERVICE;

/**
* This interceptor intercept those queries annotated by {@link MultiTenantQuery}.
*
Expand All @@ -74,6 +80,7 @@
public class MultiTenantInterceptor implements Interceptor {

private static final String KEY_TENANT = "tenant";
private static final String KEY_INLONG_SERVICE = "LoginUser.InlongService";
private static final ObjectFactory DEFAULT_OBJECT_FACTORY = new DefaultObjectFactory();
private static final ObjectWrapperFactory DEFAULT_OBJECT_WRAPPER_FACTORY = new DefaultObjectWrapperFactory();
private static final ReflectorFactory REFLECTOR_FACTORY = new DefaultReflectorFactory();
Expand All @@ -94,6 +101,7 @@ private Object doExecutor(Invocation invocation) throws Throwable {
if (!MultiTenantQueryFilter.isMultiTenantQuery(fullMethodName.split(InlongConstants.UNDERSCORE)[0])) {
return invocation.proceed();
}
this.setExpressionCache();
try {
Object[] args = invocation.getArgs();
MappedStatement ms = (MappedStatement) args[0];
Expand All @@ -106,8 +114,9 @@ private Object doExecutor(Invocation invocation) throws Throwable {
// 6 params
boundSql = (BoundSql) args[5];
}

List<ParameterMapping> parameterMappings = boundSql.getParameterMappings();

this.setTenantMapping(parameterMappings);
// new param mapping
Object newParameter = makeNewParameters(parameter, parameterMappings);
// update params
Expand All @@ -128,11 +137,11 @@ private Object doParameterHandler(ParameterHandler parameterHandler, Invocation
if (!MultiTenantQueryFilter.isMultiTenantQuery(fullMethodName.split(InlongConstants.UNDERSCORE)[0])) {
return invocation.proceed();
}

this.setExpressionCache();
Object parameterObject = metaResultSetHandler.getValue("parameterObject");
BoundSql boundSql = (BoundSql) metaResultSetHandler.getValue("boundSql");
Object newParams = makeNewParameters(parameterObject, boundSql.getParameterMappings());

this.setTenantMapping(boundSql.getParameterMappings());
metaResultSetHandler.setValue("parameterObject", newParams);
return invocation.proceed();
}
Expand Down Expand Up @@ -208,6 +217,41 @@ private String getTenant() {
return tenant;
}

private boolean isInlongService() {
UserInfo userInfo = LoginUserUtils.getLoginUser();
if (userInfo == null) {
throw new BusinessException("Current user is null, please login first");
}
if (CollectionUtils.isEmpty(userInfo.getRoles())) {
return false;
}
return userInfo.getRoles().contains(INLONG_SERVICE);
}

private void setExpressionCache() throws NoSuchFieldException, IllegalAccessException {
Field cacheFiled = OgnlCache.class.getDeclaredField("expressionCache");
cacheFiled.setAccessible(true);
Map<String, Object> expressionCache = (Map<String, Object>) cacheFiled.get(null);
ASTConst node = new ASTConst(31);
node.setValue(this.isInlongService());
expressionCache.put(KEY_INLONG_SERVICE, node);
}

private void setTenantMapping(List<ParameterMapping> parameterMappings)
throws NoSuchFieldException, IllegalAccessException {
for (ParameterMapping mapping : parameterMappings) {
if (mapping.getProperty().equals(KEY_TENANT)) {
Field javaType = mapping.getClass().getDeclaredField("javaType");
javaType.setAccessible(true);
javaType.set(mapping, String.class);

Field typeHandler = mapping.getClass().getDeclaredField("typeHandler");
typeHandler.setAccessible(true);
typeHandler.set(mapping, new StringTypeHandler());
}
}
}

@Override
public Object plugin(Object target) {
return Plugin.wrap(target, this);
Expand Down
68 changes: 51 additions & 17 deletions inlong-manager/manager-dao/src/main/resources/mappers/DataNodeEntityMapper.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,30 +60,43 @@
</insert>

<select id="selectById" resultMap="BaseResultMap">
<bind name="_isInlongService" value="LoginUser.InlongService"/>
select
<include refid="Base_Column_List"/>
from data_node
where tenant = #{tenant, jdbcType=VARCHAR}
and is_deleted = 0
and id = #{id, jdbcType=INTEGER}
<where>
<if test="_isInlongService == false">
tenant = #{tenant,jdbcType=VARCHAR}
</if>
and is_deleted = 0
and id = #{id, jdbcType=INTEGER}
</where>
</select>
<select id="selectByUniqueKey" resultType="org.apache.inlong.manager.dao.entity.DataNodeEntity">
<bind name="_isInlongService" value="LoginUser.InlongService"/>
select
<include refid="Base_Column_List"/>
from data_node
where tenant = #{tenant, jdbcType=VARCHAR}
and is_deleted = 0
and name = #{name, jdbcType=VARCHAR}
and type = #{type, jdbcType=VARCHAR}
<where>
<if test="_isInlongService == false">
tenant = #{tenant,jdbcType=VARCHAR}
</if>
and is_deleted = 0
and name = #{name, jdbcType=VARCHAR}
and type = #{type, jdbcType=VARCHAR}
</where>
</select>
<select id="selectByCondition"
parameterType="org.apache.inlong.manager.pojo.node.DataNodePageRequest"
resultType="org.apache.inlong.manager.dao.entity.DataNodeEntity">
<bind name="_isInlongService" value="LoginUser.InlongService"/>
select
<include refid="Base_Column_List"/>
from data_node
<where>
tenant = #{tenant, jdbcType=VARCHAR}
<if test="_isInlongService == false">
tenant = #{tenant,jdbcType=VARCHAR}
</if>
and is_deleted = 0
<if test="name != null and name != ''">
and name = #{name, jdbcType=VARCHAR}
Expand All @@ -106,12 +119,19 @@
order by modify_time desc
</select>
<select id="selectAllDataNodes" resultType="org.apache.inlong.manager.dao.entity.DataNodeEntity">
<bind name="_isInlongService" value="LoginUser.InlongService"/>
select
<include refid="Base_Column_List"/>
from data_node
where is_deleted = 0
<where>
<if test="_isInlongService == false">
tenant = #{tenant,jdbcType=VARCHAR}
</if>
and is_deleted = 0
</where>
</select>
<update id="updateById" parameterType="org.apache.inlong.manager.dao.entity.DataNodeEntity">
<bind name="_isInlongService" value="LoginUser.InlongService"/>
update data_node
set name = #{name, jdbcType=VARCHAR},
display_name = #{displayName, jdbcType=VARCHAR},
Expand All @@ -126,11 +146,16 @@
is_deleted = #{isDeleted, jdbcType=INTEGER},
modifier = #{modifier, jdbcType=VARCHAR},
version = #{version, jdbcType=INTEGER} + 1
where tenant = #{tenant, jdbcType=VARCHAR}
and id = #{id, jdbcType=INTEGER}
and version = #{version, jdbcType=INTEGER}
<where>
id = #{id, jdbcType=INTEGER}
<if test="_isInlongService == false">
and tenant = #{tenant,jdbcType=VARCHAR}
</if>
and version = #{version, jdbcType=INTEGER}
</where>
</update>
<update id="updateByIdSelective" parameterType="org.apache.inlong.manager.dao.entity.DataNodeEntity">
<bind name="_isInlongService" value="LoginUser.InlongService"/>
update data_node
<set>
<if test="name != null">
Expand Down Expand Up @@ -171,16 +196,25 @@
</if>
version = #{version, jdbcType=INTEGER} + 1
</set>
where tenant = #{tenant, jdbcType=VARCHAR}
and id = #{id, jdbcType=INTEGER}
and version = #{version, jdbcType=INTEGER}
<where>
id = #{id, jdbcType=INTEGER}
<if test="_isInlongService == false">
and tenant = #{tenant, jdbcType=VARCHAR}
</if>
and version = #{version, jdbcType=INTEGER}
</where>
</update>

<delete id="deleteById">
<bind name="_isInlongService" value="LoginUser.InlongService"/>
delete
from data_node
where tenant = #{tenant, jdbcType=VARCHAR}
and id = #{id, jdbcType=INTEGER}
<where>
id = #{id, jdbcType=INTEGER}
<if test="_isInlongService == false">
and tenant = #{tenant, jdbcType=VARCHAR}
</if>
</where>
</delete>

</mapper>
Loading

0 comments on commit 6bf6c69

Please sign in to comment.