Skip to content
This repository has been archived by the owner on Apr 23, 2020. It is now read-only.

Commit

Permalink
Added support for ACLs and also made the tracking fields usage config…
Browse files Browse the repository at this point in the history 
…urable
  • Loading branch information
@JohnWarnerEF @adrianluisgonzalez
JohnWarnerEF authored and adrianluisgonzalez committed Feb 19, 2015
1 parent 0635122 commit 94f50d5
Show file tree
Hide file tree
Showing 11 changed files with 364 additions and 17 deletions.
6 changes: 6 additions & 0 deletions exhibitor-core/src/main/java/com/netflix/exhibitor/core/Exhibitor.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
import com.netflix.exhibitor.core.config.ConfigProvider;
import com.netflix.exhibitor.core.config.IntConfigs;
import com.netflix.exhibitor.core.config.JQueryStyle;
import com.netflix.exhibitor.core.config.StringConfigs;
import com.netflix.exhibitor.core.controlpanel.ControlPanelValues;
import com.netflix.exhibitor.core.controlpanel.FileBasedPreferences;
import com.netflix.exhibitor.core.index.IndexCache;
Expand Down Expand Up @@ -309,6 +310,11 @@ public synchronized CuratorFramework getLocalConnection() throws IOException
.connectionTimeoutMs(arguments.connectionTimeOutMs)
.retryPolicy(new ExponentialBackoffRetry(1000, 3));

String zkSuperUserPassword = configManager.getConfig().getString(StringConfigs.ZK_SUPER_USER_PASSWORD);
if (zkSuperUserPassword != null && !zkSuperUserPassword.equals("")) {
builder.authorization("digest", ("super:" + zkSuperUserPassword).getBytes());
}

if ( arguments.aclProvider != null )
{
builder = builder.aclProvider(arguments.aclProvider);
Expand Down
10 changes: 10 additions & 0 deletions exhibitor-core/src/main/java/com/netflix/exhibitor/core/config/DefaultProperties.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -159,6 +159,16 @@ public int getInt(IntConfigs config)
return 1;
}

case ENABLE_ACLS:
{
return 0;
}

case ENABLE_TRACKING:
{
return 1;
}

}
return 0;
}
Expand Down
20 changes: 20 additions & 0 deletions exhibitor-core/src/main/java/com/netflix/exhibitor/core/config/IntConfigs.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -176,6 +176,26 @@ public boolean isRestartSignificant()
{
return false;
}
},

/**
* true/false (0 or 1) - this will enable the viewing and modification of znode ACLs. The default is disabled.
*/
ENABLE_ACLS {
@Override
public boolean isRestartSignificant() {
return false;
}
},

/**
* true/false (0 or 1) - this will enable the tracking fields on the modifiy dialog box. The default is enabled.
*/
ENABLE_TRACKING {
@Override
public boolean isRestartSignificant() {
return false;
}
}
;

Expand Down
7 changes: 7 additions & 0 deletions exhibitor-core/src/main/java/com/netflix/exhibitor/core/config/StringConfigs.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,13 @@ public boolean isRestartSignificant()
{
return true;
}
},

ZK_SUPER_USER_PASSWORD {
@Override
public boolean isRestartSignificant() {
return true;
}
}
;

Expand Down
12 changes: 11 additions & 1 deletion exhibitor-core/src/main/java/com/netflix/exhibitor/core/rest/ConfigResource.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.ContextResolver;
import java.io.IOException;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.TimeUnit;
Expand All @@ -57,6 +58,13 @@ public class ConfigResource

private static final String CANT_UPDATE_CONFIG_MESSAGE = "It appears that another process has updated the config. Your change was not committed.";

/**
* Contains a list of all those properties that we don't want returned in the 'get-state' method.
*/
private static final List<StringConfigs> EXCLUSIONS = Arrays.asList(
StringConfigs.ZK_SUPER_USER_PASSWORD
);

public ConfigResource(@Context ContextResolver<UIContext> resolver)
{
context = resolver.getContext(UIContext.class);
Expand Down Expand Up @@ -92,7 +100,9 @@ public Response getSystemState(@Context Request request) throws Exception
configNode.put("serverId", (us != null) ? us.getServerId() : -1);
for ( StringConfigs c : StringConfigs.values() )
{
configNode.put(fixName(c), config.getString(c));
if ( !EXCLUSIONS.contains(c) ) {
configNode.put(fixName(c), config.getString(c));
}
}
for ( IntConfigs c : IntConfigs.values() )
{
Expand Down
70 changes: 70 additions & 0 deletions exhibitor-core/src/main/java/com/netflix/exhibitor/core/rest/ExplorerResource.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
import com.netflix.exhibitor.core.analyze.PathAndMax;
import com.netflix.exhibitor.core.analyze.PathComplete;
import com.netflix.exhibitor.core.analyze.UsageListing;
import com.netflix.exhibitor.core.config.IntConfigs;
import com.netflix.exhibitor.core.entities.IdList;
import com.netflix.exhibitor.core.entities.PathAnalysis;
import com.netflix.exhibitor.core.entities.PathAnalysisNode;
Expand All @@ -34,7 +35,10 @@
import org.apache.curator.utils.CloseableUtils;
import org.apache.curator.utils.ZKPaths;
import org.apache.zookeeper.KeeperException;
import org.apache.zookeeper.data.ACL;
import org.apache.zookeeper.data.Id;
import org.apache.zookeeper.data.Stat;
import org.apache.zookeeper.ZooDefs;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.node.ArrayNode;
import org.codehaus.jackson.node.JsonNodeFactory;
Expand All @@ -44,10 +48,12 @@
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.ContextResolver;
import javax.xml.bind.DatatypeConverter;
import java.io.PipedInputStream;
import java.io.PipedOutputStream;
import java.io.PrintStream;
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
Expand All @@ -61,10 +67,12 @@ public class ExplorerResource
private final ExecutorService executorService = Executors.newCachedThreadPool();

private static final String ERROR_KEY = "*";
private final boolean aclsEnabled;

public ExplorerResource(@Context ContextResolver<UIContext> resolver)
{
context = resolver.getContext(UIContext.class);
aclsEnabled = context.getExhibitor().getConfigManager().getConfig().getInt(IntConfigs.ENABLE_ACLS) == 1;
}

public static String bytesToString(byte[] bytes)
Expand Down Expand Up @@ -139,6 +147,7 @@ private void recursivelyDelete(String path) throws Exception
@HeaderParam("netflix-user-name") String trackingUserName,
@HeaderParam("netflix-ticket-number") String trackingTicketNumber,
@HeaderParam("netflix-reason") String trackingReason,
@HeaderParam("acls") String aclsJsonArray,
String binaryDataStr
)
{
Expand All @@ -156,6 +165,18 @@ private void recursivelyDelete(String path) throws Exception

try
{
List<ACL> acls = new ArrayList<ACL>();
boolean processAcls = (aclsEnabled && (aclsJsonArray != null && !aclsJsonArray.equals("")));

if (processAcls) {
ObjectMapper mapper = new ObjectMapper();
List<ObjectNode> aclsInJson = mapper.readValue(DatatypeConverter.parseBase64Binary(aclsJsonArray), new TypeReference<List<ObjectNode>>() {});
for (ObjectNode aclInJson : aclsInJson) {
Id id = new Id(aclInJson.get("scheme").getTextValue(), aclInJson.get("id").getTextValue());
acls.add(new ACL(aclInJson.get("bitmask").getIntValue(), id));
}
}

binaryDataStr = binaryDataStr.replace(" ", "");
byte[] data = new byte[binaryDataStr.length() / 2];
for ( int i = 0; i < data.length; ++i )
Expand All @@ -169,11 +190,21 @@ private void recursivelyDelete(String path) throws Exception
{
context.getExhibitor().getLocalConnection().setData().forPath(path, data);
context.getExhibitor().getLog().add(ActivityLog.Type.INFO, String.format("createNode() updated node [%s] to data [%s]", path, binaryDataStr));

if (processAcls) {
context.getExhibitor().getLocalConnection().setACL().withACL(acls).forPath(path);
context.getExhibitor().getLog().add(ActivityLog.Type.INFO, String.format("createNode() updated acls for node [%s]", path));
}
}
catch ( KeeperException.NoNodeException dummy )
{
context.getExhibitor().getLocalConnection().create().creatingParentsIfNeeded().forPath(path, data);
context.getExhibitor().getLog().add(ActivityLog.Type.INFO, String.format("createNode() created node [%s] with data [%s]", path, binaryDataStr));

if (processAcls) {
context.getExhibitor().getLocalConnection().setACL().withACL(acls).forPath(path);
context.getExhibitor().getLog().add(ActivityLog.Type.INFO, String.format("createNode() updated acls for node [%s]" , path));
}
}
}
catch ( Exception e )
Expand All @@ -199,6 +230,21 @@ public String getNodeData(@QueryParam("key") String key) throws Exception
Stat stat = context.getExhibitor().getLocalConnection().checkExists().forPath(key);
byte[] bytes = context.getExhibitor().getLocalConnection().getData().storingStatIn(stat).forPath(key);

if (aclsEnabled) {
List<ACL> acls = context.getExhibitor().getLocalConnection().getACL().forPath(key);
ArrayNode aclsNode = node.putArray("acls");
StringBuilder aclsAsString = new StringBuilder();

for (ACL acl : acls) {
aclsAsString.append(encodeAclToString(acl));
aclsAsString.append("<br/>");

aclsNode.add(encodeAclToJson(acl));
}
node.put("aclsArray", aclsNode);
node.put("acls", aclsAsString.toString());
}

if (bytes != null) {
node.put("bytes", bytesToString(bytes));
node.put("str", new String(bytes, "UTF-8"));
Expand All @@ -223,6 +269,30 @@ public String getNodeData(@QueryParam("key") String key) throws Exception
return node.toString();
}

private String encodeAclToString(ACL acl) {
String scheme = acl.getId().getScheme();
String id = acl.getId().getId();

StringBuilder perms = new StringBuilder();
if ((acl.getPerms() & ZooDefs.Perms.READ) > 0) perms.append("R");
if ((acl.getPerms() & ZooDefs.Perms.WRITE) > 0) perms.append("W");
if ((acl.getPerms() & ZooDefs.Perms.CREATE) > 0) perms.append("C");
if ((acl.getPerms() & ZooDefs.Perms.DELETE) > 0) perms.append("D");
if ((acl.getPerms() & ZooDefs.Perms.ADMIN) > 0) perms.append("A");

return scheme + ":" + id + "=" + perms.toString();
}

private ObjectNode encodeAclToJson(ACL acl) {
ObjectNode node = JsonNodeFactory.instance.objectNode();

node.put("scheme", acl.getId().getScheme());
node.put("id", acl.getId().getId());
node.put("perms", acl.getPerms());

return node;
}

@GET
@Path("node")
@Produces("application/json")
Expand Down
17 changes: 16 additions & 1 deletion exhibitor-core/src/main/resources/com/netflix/exhibitor/core/ui/css/exhibitor.css
View file
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,7 @@ label
border: 1px solid gray;
}

#path, #stat, #data-bytes, #data-str
#path, #stat, #data-bytes, #data-str, #node-acl
{
font-family: monospace;
font-size: 125%;
Expand Down Expand Up @@ -558,6 +558,21 @@ fieldset
font-style: italic;
}

#node-acls-table
{
width: 480px;
}

.acl-element
{
text-align: left;
}

.acl-checkbox
{
text-align: center;
}

.open-window
{
position: absolute;
Expand Down
59 changes: 54 additions & 5 deletions exhibitor-core/src/main/resources/com/netflix/exhibitor/core/ui/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,9 @@
<tr valign="top">
<td nowrap><strong>Data as String</strong></td> <td><span id="data-str"></span></td>
</tr>
<tr valign="top" class="acl-component">
<td nowrap><strong>ACLs</strong></td> <td><span id="node-acl"></span></td>
</tr>
</table>
</div>

Expand Down Expand Up @@ -209,6 +212,14 @@
<label for="config-check-ms">Live Check (ms)</label><input type="text" id="config-check-ms" class="mask-pint" name="config-check-ms" size="8" title="The number of milliseconds between live-ness checks on the ZooKeeper server"><br clear="all"/>
<label for="config-cleanup-ms">Cleanup Period (ms)</label><input type="text" id="config-cleanup-ms" class="mask-pint" name="config-cleanup-ms" size="8" title="The number of milliseconds between ZooKeeper log file cleanups"><br clear="all"/>
<label for="config-cleanup-max-files">Cleanup: Max Log Files</label><input type="text" id="config-cleanup-max-files" class="mask-pint" name="config-cleanup-max-files" size="2" title="The max number of ZooKeeper log files to keep when cleaning up"><br clear="all"/>
<label for="config-enable-acls">Enable ACLs</label><select type="text" id="config-enable-acls" class="mask-pint" name="config-enable-acls" size="1" title="If set to 'yes', then Exhibitor will allow viewing and modification of ACLs.">
<option value="0">No</option>
<option value="1">Yes</option>
</select><br clear="all"/>
<label for="config-enable-tracking-fields">Enable Tracking Fields</label><select type="text" id="config-enable-tracking-fields" class="mask-pint" name="config-enable-tracking-fields" size="1" title="If set to 'yes', then Exhibitor will allow viewing and modification of ACLs.">
<option value="0">No</option>
<option value="1">Yes</option>
</select><br clear="all"/>
</fieldset>

<fieldset id="config-backups-fieldset">
Expand Down Expand Up @@ -337,6 +348,32 @@
rollback to the previous configuration or force commit to the updated configuration.
</div>

<div id="get-node-data-acls-table-row" class="ui-helper-hidden">
<table>
<tr id="node-acls-table-headers">
<th class="acl-checkbox"></th>
<th class="acl-element">Scheme</th>
<th class="acl-element">ID</th>
<th class="acl-checkbox">R</th>
<th class="acl-checkbox">W</th>
<th class="acl-checkbox">C</th>
<th class="acl-checkbox">D</th>
<th class="acl-checkbox">A</th>
</tr>

<tr name="aclrow">
<td class="acl-checkbox"><input type="checkbox" name="deleteacl"/></td>
<td class="acl-element"><input type="text" class="acl-element" name="schemeinput"/><span class="acl-element" name="schemeinputtext"></span></td>
<td class="acl-element"><input type="text" class="acl-element" name="idinput"/><span class="acl-element" name="idinputtext"></span></td>
<td class="acl-checkbox"><input type="checkbox" name="readperm" data-bitmask="1"/></td>
<td class="acl-checkbox"><input type="checkbox" name="writeperm" data-bitmask="2"/></td>
<td class="acl-checkbox"><input type="checkbox" name="createperm" data-bitmask="4"/></td>
<td class="acl-checkbox"><input type="checkbox" name="deleteperm" data-bitmask="8"/></td>
<td class="acl-checkbox"><input type="checkbox" name="adminperm" data-bitmask="16"/></td>
</tr>
</table>
</div>

<div id="get-node-data-dialog" class="ui-helper-hidden">
<div>
<label for="node-action">Type </label><select name="node-action" id="node-action">
Expand All @@ -348,13 +385,25 @@
<label for="node-name">Path </label><input type="text" id="node-name" name="node-name" size="40"><br clear="all"/>
</div>
<div id="node-data-container">
<label for="node-data">Data </label><textarea id="node-data" name="node-data" cols="45" rows="3"></textarea><select name="node-data-type" id="node-data-type">
<option value="string">String</option>
<option value="binary">Binary</option>
</select><br clear="all"/>
<label for="node-data">Data </label><textarea id="node-data" name="node-data" cols="45" rows="3"></textarea>
<select name="node-data-type" id="node-data-type">
<option value="string">String</option>
<option value="binary">Binary</option>
</select>
<fieldset class="acl-component">
<legend>ACLs</legend>

<table id="node-acls-table" class="ui-helper-hidden">
</table>

<button id="add-acl">Add ACL</button>
<button id="remove-acls">Remove ACLs</button>
</fieldset>

<br clear="all"/>
</div>

<fieldset>
<fieldset class="tracking-fields-component">
<legend>Tracking</legend>
<label for="node-data-user">Username</label><input type="text" id="node-data-user" name="node-data-user" size="20" title="Your username"><br clear="all"/>
<label for="node-data-ticket">Ticket/Code</label><input type="text" id="node-data-ticket" name="node-data-ticket" size="20" title="Ticket/tag number for this operation"><br clear="all"/>
Expand Down
Loading

0 comments on commit 94f50d5

Please sign in to comment.