Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
Apache RocketMQ
Rocketmq
提交
be83a9a3
R
Rocketmq
项目概览
Apache RocketMQ
/
Rocketmq
上一次同步 大约 3 年
通知
270
Star
16139
Fork
68
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
R
Rocketmq
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
提交
be83a9a3
编写于
12月 29, 2018
作者:
D
dongeforever
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Polish acl names
上级
1a80c5ba
变更
6
显示空白变更内容
内联
并排
Showing
6 changed file
with
46 addition
and
35 deletion
+46
-35
acl/src/main/java/org/apache/rocketmq/acl/common/SigningAlgorithm.java
...java/org/apache/rocketmq/acl/common/SigningAlgorithm.java
+1
-1
acl/src/main/java/org/apache/rocketmq/acl/plain/PlainPermissionLoader.java
.../org/apache/rocketmq/acl/plain/PlainPermissionLoader.java
+9
-8
acl/src/test/java/org/apache/rocketmq/acl/plain/PlainPermissionLoaderTest.java
.../apache/rocketmq/acl/plain/PlainPermissionLoaderTest.java
+33
-23
acl/src/test/resources/conf/plain_acl.yml
acl/src/test/resources/conf/plain_acl.yml
+1
-1
distribution/conf/plain_acl.yml
distribution/conf/plain_acl.yml
+1
-1
distribution/conf/tools.yml
distribution/conf/tools.yml
+1
-1
未找到文件。
acl/src/main/java/org/apache/rocketmq/acl/common/SigningAlgorithm.java
浏览文件 @
be83a9a3
...
...
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package
org.apache.rocketmq.acl.common
;
//package com.aliyun.openservices.ons.api.impl.rocketmq.spas;
package
org.apache.rocketmq.acl.common
;
public
enum
SigningAlgorithm
{
HmacSHA1
,
...
...
acl/src/main/java/org/apache/rocketmq/acl/plain/PlainPermissionLoader.java
浏览文件 @
be83a9a3
...
...
@@ -18,6 +18,7 @@ package org.apache.rocketmq.acl.plain;
import
com.alibaba.fastjson.JSONArray
;
import
com.alibaba.fastjson.JSONObject
;
import
java.io.File
;
import
java.io.IOException
;
import
java.nio.file.FileSystems
;
import
java.nio.file.Path
;
...
...
@@ -66,21 +67,21 @@ public class PlainPermissionLoader {
}
public
void
initialize
()
{
JSONObject
accessControlTransport
=
AclUtils
.
getYamlDataObject
(
fileHome
+
fileName
,
JSONObject
plainAclConfData
=
AclUtils
.
getYamlDataObject
(
fileHome
+
File
.
separator
+
fileName
,
JSONObject
.
class
);
if
(
accessControlTransport
==
null
||
accessControlTransport
.
isEmpty
())
{
throw
new
AclException
(
String
.
format
(
"%s file is not data"
,
fileHome
+
fileName
));
if
(
plainAclConfData
==
null
||
plainAclConfData
.
isEmpty
())
{
throw
new
AclException
(
String
.
format
(
"%s file is not data"
,
fileHome
+
File
.
separator
+
fileName
));
}
log
.
info
(
"B
orkerAccessControlTransport data is : "
,
accessControlTransport
.
toString
());
JSONArray
globalWhiteRemoteAddressesList
=
accessControlTransport
.
getJSONArray
(
"globalWhiteRemoteAddresses"
);
log
.
info
(
"B
roker plain acl conf data is : "
,
plainAclConfData
.
toString
());
JSONArray
globalWhiteRemoteAddressesList
=
plainAclConfData
.
getJSONArray
(
"globalWhiteRemoteAddresses"
);
if
(
globalWhiteRemoteAddressesList
!=
null
&&
!
globalWhiteRemoteAddressesList
.
isEmpty
())
{
for
(
int
i
=
0
;
i
<
globalWhiteRemoteAddressesList
.
size
();
i
++)
{
addGlobalWhiteRemoteAddress
(
globalWhiteRemoteAddressesList
.
getString
(
i
));
}
}
JSONArray
accounts
=
accessControlTransport
.
getJSONArray
(
"accounts"
);
JSONArray
accounts
=
plainAclConfData
.
getJSONArray
(
"accounts"
);
if
(
accounts
!=
null
&&
!
accounts
.
isEmpty
())
{
List
<
PlainAccessConfig
>
plainAccessList
=
accounts
.
toJavaList
(
PlainAccessConfig
.
class
);
for
(
PlainAccessConfig
plainAccess
:
plainAccessList
)
{
...
...
@@ -101,10 +102,10 @@ public class PlainPermissionLoader {
int
fileIndex
=
fileName
.
lastIndexOf
(
"/"
)
+
1
;
String
watchDirectory
=
fileName
.
substring
(
0
,
fileIndex
);
final
String
watchFileName
=
fileName
.
substring
(
fileIndex
);
log
.
info
(
"watch directory is {} , watch directory file name is {} "
,
fileHome
+
watchDirectory
,
watchFileName
);
log
.
info
(
"watch directory is {} , watch directory file name is {} "
,
fileHome
+
File
.
separator
+
watchDirectory
,
watchFileName
);
final
WatchService
watcher
=
FileSystems
.
getDefault
().
newWatchService
();
Path
p
=
Paths
.
get
(
fileHome
+
watchDirectory
);
Path
p
=
Paths
.
get
(
fileHome
+
File
.
separator
+
watchDirectory
);
p
.
register
(
watcher
,
StandardWatchEventKinds
.
ENTRY_MODIFY
,
StandardWatchEventKinds
.
ENTRY_CREATE
);
ServiceThread
watcherServcie
=
new
ServiceThread
()
{
...
...
acl/src/test/java/org/apache/rocketmq/acl/plain/PlainPermissionLoaderTest.java
浏览文件 @
be83a9a3
...
...
@@ -28,6 +28,7 @@ import org.apache.commons.lang3.reflect.FieldUtils;
import
org.apache.rocketmq.acl.common.AclException
;
import
org.apache.rocketmq.acl.common.Permission
;
import
org.apache.rocketmq.acl.plain.PlainPermissionLoader.PlainAccessConfig
;
import
org.apache.rocketmq.common.UtilAll
;
import
org.junit.Assert
;
import
org.junit.Before
;
import
org.junit.Test
;
...
...
@@ -61,9 +62,8 @@ public class PlainPermissionLoaderTest {
ANYPlainAccessResource
=
clonePlainAccessResource
(
Permission
.
ANY
);
DENYPlainAccessResource
=
clonePlainAccessResource
(
Permission
.
DENY
);
System
.
setProperty
(
"java.version"
,
"1.6.11"
);
System
.
setProperty
(
"rocketmq.home.dir"
,
"src/test/resources"
);
System
.
setProperty
(
"ro
mcketmq.acl.plain.fileNam
e"
,
"/conf/plain_acl.yml"
);
System
.
setProperty
(
"ro
cketmq.acl.plain.fil
e"
,
"/conf/plain_acl.yml"
);
plainPermissionLoader
=
new
PlainPermissionLoader
();
}
...
...
@@ -211,47 +211,57 @@ public class PlainPermissionLoaderTest {
Assert
.
assertFalse
(
plainPermissionLoader
.
isWatchStart
());
}
@SuppressWarnings
(
"unchecked"
)
@Test
public
void
watchTest
()
throws
IOException
,
IllegalAccessException
{
public
void
testWatch
()
throws
IOException
,
IllegalAccessException
{
System
.
setProperty
(
"java.version"
,
"1.7.11"
);
System
.
setProperty
(
"rocketmq.home.dir"
,
"src/test/resources/
watch
"
);
File
file
=
new
File
(
"src/test/resources/watch/conf
"
);
file
.
mkdirs
()
;
File
transport
=
new
File
(
"src/test/resources/watch/conf/plain_acl.yml"
);
System
.
setProperty
(
"rocketmq.home.dir"
,
"src/test/resources/
conf
"
);
System
.
setProperty
(
"rocketmq.acl.plain.file"
,
"watch/plain_acl_watch.yml
"
);
String
fileName
=
"src/test/resources/conf/watch/plain_acl_watch.yml"
;
File
transport
=
new
File
(
fileName
);
transport
.
delete
();
transport
.
createNewFile
();
FileWriter
writer
=
new
FileWriter
(
transport
);
writer
.
write
(
"accounts:\r\n"
);
writer
.
write
(
"- accessKey: ro
kc
etmq\r\n"
);
writer
.
write
(
" secretKey:
aliyun11
\r\n"
);
writer
.
write
(
"- accessKey: ro
ck
etmq\r\n"
);
writer
.
write
(
" secretKey:
12345678
\r\n"
);
writer
.
write
(
" whiteRemoteAddress: 127.0.0.1\r\n"
);
writer
.
write
(
" admin: true\r\n"
);
writer
.
flush
();
writer
.
close
();
System
.
out
.
println
(
System
.
getProperty
(
"rocketmq.acl.plain.file"
));
PlainPermissionLoader
plainPermissionLoader
=
new
PlainPermissionLoader
();
Assert
.
assertTrue
(
plainPermissionLoader
.
isWatchStart
());
Map
<
String
,
List
<
PlainAccessResource
>>
plainAccessResourceMap
=
(
Map
<
String
,
List
<
PlainAccessResource
>>)
FieldUtils
.
readDeclaredField
(
plainPermissionLoader
,
"plainAccessResourceMap"
,
true
);
Assert
.
assertNotNull
(
plainAccessResourceMap
.
get
(
"rokcetmq"
));
{
Map
<
String
,
PlainAccessResource
>
plainAccessResourceMap
=
(
Map
<
String
,
PlainAccessResource
>)
FieldUtils
.
readDeclaredField
(
plainPermissionLoader
,
"plainAccessResourceMap"
,
true
);
PlainAccessResource
accessResource
=
plainAccessResourceMap
.
get
(
"rocketmq"
);
Assert
.
assertNotNull
(
accessResource
);
Assert
.
assertEquals
(
accessResource
.
getSecretKey
(),
"12345678"
);
Assert
.
assertTrue
(
accessResource
.
isAdmin
());
}
writer
=
new
FileWriter
(
new
File
(
"src/test/resources/watch/conf/plain_acl.yml"
),
true
);
writer
.
write
(
"- accessKey: ro
kcet
1\r\n"
);
writer
.
write
(
" secretKey:
aliyun1
\r\n"
);
writer
=
new
FileWriter
(
new
File
(
fileName
),
true
);
writer
.
write
(
"- accessKey: ro
cketmq
1\r\n"
);
writer
.
write
(
" secretKey:
88888888
\r\n"
);
writer
.
write
(
" whiteRemoteAddress: 127.0.0.1\r\n"
);
writer
.
write
(
" admin:
tru
e\r\n"
);
writer
.
write
(
" admin:
fals
e\r\n"
);
writer
.
flush
();
writer
.
close
();
try
{
Thread
.
sleep
(
100
);
}
catch
(
InterruptedException
e
)
{
e
.
printStackTrace
(
);
}
plainAccessResourceMap
=
(
Map
<
String
,
List
<
PlainAccessResource
>>)
FieldUtils
.
readDeclaredField
(
plainPermissionLoader
,
"plainAccessResourceMap"
,
true
);
Assert
.
assertNotNull
(
plainAccessResourceMap
.
get
(
"rokcet1"
));
UtilAll
.
sleep
(
1000
);
{
Map
<
String
,
PlainAccessResource
>
plainAccessResourceMap
=
(
Map
<
String
,
PlainAccessResource
>)
FieldUtils
.
readDeclaredField
(
plainPermissionLoader
,
"plainAccessResourceMap"
,
true
);
PlainAccessResource
accessResource
=
plainAccessResourceMap
.
get
(
"rocketmq1"
);
Assert
.
assertNotNull
(
accessResource
);
Assert
.
assertEquals
(
accessResource
.
getSecretKey
(),
"88888888"
);
Assert
.
assertFalse
(
accessResource
.
isAdmin
(
));
}
transport
.
delete
();
}
@Test
(
expected
=
AclException
.
class
)
public
void
initializeTest
()
{
...
...
acl/src/test/resources/conf/plain_acl.yml
浏览文件 @
be83a9a3
...
...
@@ -36,7 +36,7 @@ accounts:
-
groupB=SUB
-
groupC=SUB
-
accessKey
:
aliyun.com
-
accessKey
:
rocketmq2
secretKey
:
12345678
whiteRemoteAddress
:
192.168.1.*
# if it is admin, it could access all resources
...
...
distribution/conf/plain_acl.yml
浏览文件 @
be83a9a3
...
...
@@ -32,7 +32,7 @@ accounts:
-
groupB=PUB|SUB
-
groupC=SUB
-
accessKey
:
aliyun.com
-
accessKey
:
rocketmq2
secretKey
:
12345678
whiteRemoteAddress
:
192.168.1.*
# if it is admin, it could access all resources
...
...
distribution/conf/tools.yml
浏览文件 @
be83a9a3
...
...
@@ -14,6 +14,6 @@
# limitations under the License.
accessKey
:
aliyun.com
accessKey
:
rocketmq
secretKey
:
12345678
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录