diff --git a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/AuthenticationInfoManagementAclPlugEngine.java b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/AuthenticationInfoManagementAclPlugEngine.java index 7a4eeeffda9422d42832d6f4b6966815e8649741..4c601abfd9f2fe6fd94e53707e58bc081d457876 100644 --- a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/AuthenticationInfoManagementAclPlugEngine.java +++ b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/AuthenticationInfoManagementAclPlugEngine.java @@ -25,6 +25,7 @@ import org.apache.rocketmq.acl.plug.Authentication; import org.apache.rocketmq.acl.plug.entity.AccessControl; import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo; import org.apache.rocketmq.acl.plug.entity.AuthenticationResult; +import org.apache.rocketmq.acl.plug.entity.BorkerAccessControlTransport; import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl; import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException; import org.apache.rocketmq.acl.plug.strategy.NetaddressStrategy; @@ -87,6 +88,8 @@ public abstract class AuthenticationInfoManagementAclPlugEngine implements AclPl Map accessControlAddressMap = accessControlMap.get(accessControl.getAccount()); if (accessControlAddressMap != null) { existing = accessControlAddressMap.get(accessControl.getNetaddress()); + if (existing == null) + return null; if (existing.getAccessControl().getPassword().equals(accessControl.getPassword())) { if (existing.getNetaddressStrategy().match(accessControl)) { return existing; @@ -113,6 +116,21 @@ public abstract class AuthenticationInfoManagementAclPlugEngine implements AclPl return authenticationResult; } + void setBorkerAccessControlTransport(BorkerAccessControlTransport transport) { + if (transport.getOnlyNetAddress() == null && (transport.getList() == null || transport.getList().size() == 0)) { + throw new AclPlugAccountAnalysisException("onlyNetAddress and list can't be all empty"); + } + + if (transport.getOnlyNetAddress() != null) { + this.setNetaddressAccessControl(transport.getOnlyNetAddress()); + } + if (transport.getList() != null || transport.getList().size() > 0) { + for (AccessControl accessControl : transport.getList()) { + this.setAccessControl(accessControl); + } + } + } + protected abstract AuthenticationInfo getAuthenticationInfo(LoginOrRequestAccessControl accessControl, AuthenticationResult authenticationResult); } diff --git a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/LoginInfoAclPlugEngine.java b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/LoginInfoAclPlugEngine.java index 3831803ca47115cc2cdae3cb194c5e8cba8a2515..304c18f36350855f1f458e4caf0814a0d54eb96e 100644 --- a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/LoginInfoAclPlugEngine.java +++ b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/LoginInfoAclPlugEngine.java @@ -29,21 +29,15 @@ public abstract class LoginInfoAclPlugEngine extends AuthenticationInfoManagemen private Map loginInfoMap = new ConcurrentHashMap<>(); - @Override - public AuthenticationInfo getAccessControl(AccessControl accessControl) { - AuthenticationInfo authenticationInfo = super.getAccessControl(accessControl); - if (authenticationInfo != null) { - LoginInfo loginInfo = new LoginInfo(); - loginInfo.setAuthenticationInfo(authenticationInfo); - loginInfoMap.put(accessControl.getRecognition(), loginInfo); - } - return authenticationInfo; - } - public LoginInfo getLoginInfo(AccessControl accessControl) { LoginInfo loginInfo = loginInfoMap.get(accessControl.getRecognition()); - if (loginInfo == null && getAccessControl(accessControl) != null) { - loginInfo = loginInfoMap.get(accessControl.getRecognition()); + if (loginInfo == null) { + AuthenticationInfo authenticationInfo = super.getAccessControl(accessControl); + if (authenticationInfo != null) { + loginInfo = new LoginInfo(); + loginInfo.setAuthenticationInfo(authenticationInfo); + loginInfoMap.put(accessControl.getRecognition(), loginInfo); + } } if (loginInfo != null) { loginInfo.setOperationTime(System.currentTimeMillis()); @@ -60,9 +54,8 @@ public abstract class LoginInfoAclPlugEngine extends AuthenticationInfoManagemen LoginInfo anthenticationInfo = getLoginInfo(accessControl); if (anthenticationInfo != null && anthenticationInfo.getAuthenticationInfo() != null) { return anthenticationInfo.getAuthenticationInfo(); - } else { - authenticationResult.setResultString("Login information does not exist, Please check login, password, IP"); } + authenticationResult.setResultString("Login information does not exist, Please check login, password, IP"); return null; } diff --git a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngine.java b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngine.java index 68d7d908cae5c6cc9dd75eb7df6770aa34ac1390..dd7acbf79977b29fd18d48f16cd42e67547193b5 100644 --- a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngine.java +++ b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngine.java @@ -18,9 +18,8 @@ package org.apache.rocketmq.acl.plug.engine; import java.io.File; import java.io.FileInputStream; -import java.io.FileNotFoundException; +import java.io.IOException; -import org.apache.rocketmq.acl.plug.entity.AccessControl; import org.apache.rocketmq.acl.plug.entity.BorkerAccessControlTransport; import org.apache.rocketmq.acl.plug.entity.ControllerParametersEntity; import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException; @@ -39,17 +38,26 @@ public class PlainAclPlugEngine extends LoginInfoAclPlugEngine { void init() throws AclPlugAccountAnalysisException { String filePath = controllerParametersEntity.getFileHome() + "/conf/transport.yml"; Yaml ymal = new Yaml(); - FileInputStream fis; + FileInputStream fis = null; + BorkerAccessControlTransport transport; try { fis = new FileInputStream(new File(filePath)); - BorkerAccessControlTransport transport = ymal.loadAs(fis, BorkerAccessControlTransport.class); - super.setNetaddressAccessControl(transport.getOnlyNetAddress()); - for (AccessControl accessControl : transport.getList()) { - super.setAccessControl(accessControl); - } - } catch (FileNotFoundException e) { + transport = ymal.loadAs(fis, BorkerAccessControlTransport.class); + } catch (Exception e) { throw new AclPlugAccountAnalysisException("The transport.yml file for Plain mode was not found", e); + } finally { + if (fis != null) { + try { + fis.close(); + } catch (IOException e) { + throw new AclPlugAccountAnalysisException("close transport fileInputStream Exception", e); + } + } + } + if (transport == null) { + throw new AclPlugAccountAnalysisException("transport.yml file is no data"); } + super.setBorkerAccessControlTransport(transport); } } diff --git a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/entity/BorkerAccessControl.java b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/entity/BorkerAccessControl.java index 0782e37b5fed66fee2b609a598b8e82652238f04..9de76fba9f9bbff6d1974617fca057f07c957197 100644 --- a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/entity/BorkerAccessControl.java +++ b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/entity/BorkerAccessControl.java @@ -21,7 +21,6 @@ import java.util.Set; import org.apache.rocketmq.acl.plug.annotation.RequestCode; - public class BorkerAccessControl extends AccessControl { public BorkerAccessControl() { diff --git a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/AbstractNetaddressStrategy.java b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/AbstractNetaddressStrategy.java index 29f5b29cf3e9c4d2f9e5d2f613f97ff8da55a960..0947733e21f892e323811d4dab1cd10fb214f30b 100644 --- a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/AbstractNetaddressStrategy.java +++ b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/AbstractNetaddressStrategy.java @@ -17,11 +17,14 @@ package org.apache.rocketmq.acl.plug.strategy; import org.apache.rocketmq.acl.plug.AclUtils; +import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException; public abstract class AbstractNetaddressStrategy implements NetaddressStrategy { public void verify(String netaddress, int index) { - AclUtils.isScope(netaddress, index); + if (!AclUtils.isScope(netaddress, index)) { + throw new AclPlugAccountAnalysisException(String.format("netaddress examine scope Exception netaddress is %s", netaddress)); + } } } diff --git a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/NetaddressStrategyFactory.java b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/NetaddressStrategyFactory.java index 9bf28b5b71a45faa4e8246b76f0d151e01b07216..040d2cbfe7ab478b1cd6a07589e61af81438641d 100644 --- a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/NetaddressStrategyFactory.java +++ b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/NetaddressStrategyFactory.java @@ -19,6 +19,7 @@ package org.apache.rocketmq.acl.plug.strategy; import org.apache.commons.lang3.StringUtils; import org.apache.rocketmq.acl.plug.AclUtils; import org.apache.rocketmq.acl.plug.entity.AccessControl; +import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException; public class NetaddressStrategyFactory { @@ -28,14 +29,14 @@ public class NetaddressStrategyFactory { return NullNetaddressStrategy.NULL_NET_ADDRESS_STRATEGY; } if (netaddress.endsWith("}")) { - String[] strArray = StringUtils.split(netaddress); + String[] strArray = StringUtils.split(netaddress, "."); String four = strArray[3]; if (!four.startsWith("{")) { - + throw new AclPlugAccountAnalysisException(String.format("MultipleNetaddressStrategy netaddress examine scope Exception netaddress", netaddress)); } return new MultipleNetaddressStrategy(AclUtils.getAddreeStrArray(netaddress, four)); } else if (AclUtils.isColon(netaddress)) { - return new MultipleNetaddressStrategy(StringUtils.split(",")); + return new MultipleNetaddressStrategy(StringUtils.split(netaddress, ",")); } else if (AclUtils.isAsterisk(netaddress) || AclUtils.isMinus(netaddress)) { return new RangeNetaddressStrategy(netaddress); } diff --git a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/OneNetaddressStrategy.java b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/OneNetaddressStrategy.java index 027e49334d0c6207595accc12acf1038b2f6e48c..51f803fbb11340f4359815848558e3baf13f0f08 100644 --- a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/OneNetaddressStrategy.java +++ b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/OneNetaddressStrategy.java @@ -24,6 +24,7 @@ public class OneNetaddressStrategy extends AbstractNetaddressStrategy { public OneNetaddressStrategy(String netaddress) { this.netaddress = netaddress; + verify(netaddress, 4); } @Override diff --git a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/RangeNetaddressStrategy.java b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/RangeNetaddressStrategy.java index c56b86678b70db742bee50faab8770041dcbe556..895822b20b0fd736cd4b0597a0b5c24a5e9b4fa1 100644 --- a/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/RangeNetaddressStrategy.java +++ b/acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/RangeNetaddressStrategy.java @@ -19,6 +19,7 @@ package org.apache.rocketmq.acl.plug.strategy; import org.apache.commons.lang3.StringUtils; import org.apache.rocketmq.acl.plug.AclUtils; import org.apache.rocketmq.acl.plug.entity.AccessControl; +import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException; public class RangeNetaddressStrategy extends AbstractNetaddressStrategy { @@ -33,7 +34,7 @@ public class RangeNetaddressStrategy extends AbstractNetaddressStrategy { public RangeNetaddressStrategy(String netaddress) { String[] strArray = StringUtils.split(netaddress, "."); if (analysis(strArray, 2) || analysis(strArray, 3)) { - verify(netaddress, index); + verify(netaddress, index - 1); StringBuffer sb = new StringBuffer().append(strArray[0].trim()).append(".").append(strArray[1].trim()).append("."); if (index == 3) { sb.append(strArray[2].trim()).append("."); @@ -48,11 +49,15 @@ public class RangeNetaddressStrategy extends AbstractNetaddressStrategy { if ("*".equals(value)) { setValue(0, 255); } else if (AclUtils.isMinus(value)) { + if (value.indexOf("-") == 0) { + throw new AclPlugAccountAnalysisException(String.format("RangeNetaddressStrategy netaddress examine scope Exception value %s ", value)); + + } String[] valueArray = StringUtils.split(value, "-"); this.start = Integer.valueOf(valueArray[0]); this.end = Integer.valueOf(valueArray[1]); if (!(AclUtils.isScope(end) && AclUtils.isScope(start) && start <= end)) { - + throw new AclPlugAccountAnalysisException(String.format("RangeNetaddressStrategy netaddress examine scope Exception start is %s , end is %s", start, end)); } } return this.end > 0 ? true : false; diff --git a/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AccessContralAnalysisTest.java b/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AccessContralAnalysisTest.java index 93f1f0cac43f379d3cc224dd143a45e89874ef53..06a5472536d4341026a71e9420aac52e0917e51e 100644 --- a/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AccessContralAnalysisTest.java +++ b/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AccessContralAnalysisTest.java @@ -1,8 +1,11 @@ package org.apache.rocketmq.acl.plug; +import java.util.Iterator; import java.util.Map; +import java.util.Map.Entry; import org.apache.rocketmq.acl.plug.entity.BorkerAccessControl; +import org.junit.Assert; import org.junit.Test; public class AccessContralAnalysisTest { @@ -10,8 +13,21 @@ public class AccessContralAnalysisTest { @Test public void analysisTest() { AccessContralAnalysis accessContralAnalysis = new AccessContralAnalysis(); - Map map = accessContralAnalysis.analysis(new BorkerAccessControl()); - System.out.println(map); + BorkerAccessControl accessControl = new BorkerAccessControl(); + accessControl.setSendMessage(false); + Map map = accessContralAnalysis.analysis(accessControl); + + Iterator> it = map.entrySet().iterator(); + long num = 0; + while (it.hasNext()) { + Entry e = it.next(); + if (!e.getValue()) { + Assert.assertEquals(e.getKey(), Integer.valueOf(10)); + num++; + } + } + Assert.assertEquals(num, 1); + } } diff --git a/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AclPlugControllerTest.java b/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AclPlugControllerTest.java new file mode 100644 index 0000000000000000000000000000000000000000..da50ac14005b192f3d4dc03a9b904ee3cfb82633 --- /dev/null +++ b/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AclPlugControllerTest.java @@ -0,0 +1,5 @@ +package org.apache.rocketmq.acl.plug; + +public class AclPlugControllerTest { + +} diff --git a/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AclUtilsTest.java b/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AclUtilsTest.java new file mode 100644 index 0000000000000000000000000000000000000000..d65752fbee090003a85098d8175bba6a7eb5d77f --- /dev/null +++ b/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AclUtilsTest.java @@ -0,0 +1,115 @@ +package org.apache.rocketmq.acl.plug; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +import org.apache.commons.lang3.StringUtils; +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.junit.MockitoJUnitRunner; + +@RunWith(MockitoJUnitRunner.class) +public class AclUtilsTest { + + @Test + public void getAddreeStrArray() { + String address = "1.1.1.{1,2,3,4}"; + String[] addressArray = AclUtils.getAddreeStrArray(address, "{1,2,3,4}"); + List newAddressList = new ArrayList<>(); + for (String a : addressArray) { + newAddressList.add(a); + } + + List addressList = new ArrayList<>(); + addressList.add("1.1.1.1"); + addressList.add("1.1.1.2"); + addressList.add("1.1.1.3"); + addressList.add("1.1.1.4"); + Assert.assertEquals(newAddressList, addressList); + } + + @Test + public void isScopeStringArray() { + String adderss = "12"; + + for (int i = 0; i < 6; i++) { + boolean isScope = AclUtils.isScope(adderss, 4); + if (i == 3) { + Assert.assertTrue(isScope); + } else { + Assert.assertFalse(isScope); + } + adderss = adderss + ".12"; + } + } + + @Test + public void isScopeArray() { + String[] adderss = StringUtils.split("12.12.12.12", "."); + boolean isScope = AclUtils.isScope(adderss, 4); + Assert.assertTrue(isScope); + isScope = AclUtils.isScope(adderss, 3); + Assert.assertTrue(isScope); + + adderss = StringUtils.split("12.12.1222.1222", "."); + isScope = AclUtils.isScope(adderss, 4); + Assert.assertFalse(isScope); + isScope = AclUtils.isScope(adderss, 3); + Assert.assertFalse(isScope); + + } + + @Test + public void isScopeStringTest() { + for (int i = 0; i < 256; i++) { + boolean isScope = AclUtils.isScope(i + ""); + Assert.assertTrue(isScope); + } + boolean isScope = AclUtils.isScope("-1"); + Assert.assertFalse(isScope); + isScope = AclUtils.isScope("256"); + Assert.assertFalse(isScope); + } + + @Test + public void isScopeTest() { + for (int i = 0; i < 256; i++) { + boolean isScope = AclUtils.isScope(i); + Assert.assertTrue(isScope); + } + boolean isScope = AclUtils.isScope(-1); + Assert.assertFalse(isScope); + isScope = AclUtils.isScope(256); + Assert.assertFalse(isScope); + + } + + @Test + public void isAsteriskTest() { + boolean isAsterisk = AclUtils.isAsterisk("*"); + Assert.assertTrue(isAsterisk); + + isAsterisk = AclUtils.isAsterisk(","); + Assert.assertFalse(isAsterisk); + } + + @Test + public void isColonTest() { + boolean isColon = AclUtils.isColon(","); + Assert.assertTrue(isColon); + + isColon = AclUtils.isColon("-"); + Assert.assertFalse(isColon); + } + + @Test + public void isMinusTest() { + boolean isMinus = AclUtils.isMinus("-"); + Assert.assertTrue(isMinus); + + isMinus = AclUtils.isMinus("*"); + Assert.assertFalse(isMinus); + } +} diff --git a/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AuthenticationTest.java b/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AuthenticationTest.java new file mode 100644 index 0000000000000000000000000000000000000000..c425315b30adc07e8c78744d35f37a5f4b0502eb --- /dev/null +++ b/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AuthenticationTest.java @@ -0,0 +1,100 @@ +package org.apache.rocketmq.acl.plug; + +import java.util.HashSet; +import java.util.Map; +import java.util.Set; + +import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo; +import org.apache.rocketmq.acl.plug.entity.AuthenticationResult; +import org.apache.rocketmq.acl.plug.entity.BorkerAccessControl; +import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl; +import org.apache.rocketmq.acl.plug.strategy.OneNetaddressStrategy; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; + +public class AuthenticationTest { + + Authentication authentication = new Authentication(); + + AuthenticationInfo authenticationInfo; + + @Before + public void init() { + OneNetaddressStrategy netaddressStrategy = new OneNetaddressStrategy("127.0.0.1"); + BorkerAccessControl borkerAccessControl = new BorkerAccessControl(); + //321 + borkerAccessControl.setQueryConsumeQueue(false); + + Set permitSendTopic = new HashSet<>(); + permitSendTopic.add("permitSendTopic"); + borkerAccessControl.setPermitSendTopic(permitSendTopic); + + Set noPermitSendTopic = new HashSet<>(); + noPermitSendTopic.add("noPermitSendTopic"); + borkerAccessControl.setNoPermitSendTopic(noPermitSendTopic); + + Set permitPullTopic = new HashSet<>(); + permitPullTopic.add("permitPullTopic"); + borkerAccessControl.setPermitPullTopic(permitPullTopic); + + Set noPermitPullTopic = new HashSet<>(); + noPermitPullTopic.add("noPermitPullTopic"); + borkerAccessControl.setNoPermitPullTopic(noPermitPullTopic); + + AccessContralAnalysis accessContralAnalysis = new AccessContralAnalysis(); + Map map = accessContralAnalysis.analysis(borkerAccessControl); + + authenticationInfo = new AuthenticationInfo(map, borkerAccessControl, netaddressStrategy); + } + + @Test + public void authenticationTest() { + + AuthenticationResult authenticationResult = new AuthenticationResult(); + LoginOrRequestAccessControl loginOrRequestAccessControl = new LoginOrRequestAccessControl(); + loginOrRequestAccessControl.setCode(317); + + boolean isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult); + Assert.assertTrue(isReturn); + + loginOrRequestAccessControl.setCode(321); + isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult); + Assert.assertFalse(isReturn); + + loginOrRequestAccessControl.setCode(10); + loginOrRequestAccessControl.setTopic("permitSendTopic"); + isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult); + Assert.assertTrue(isReturn); + + loginOrRequestAccessControl.setCode(310); + isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult); + Assert.assertTrue(isReturn); + + loginOrRequestAccessControl.setCode(320); + isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult); + Assert.assertTrue(isReturn); + + loginOrRequestAccessControl.setTopic("noPermitSendTopic"); + isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult); + Assert.assertFalse(isReturn); + + loginOrRequestAccessControl.setTopic("nopermitSendTopic"); + isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult); + Assert.assertTrue(isReturn); + + loginOrRequestAccessControl.setCode(11); + loginOrRequestAccessControl.setTopic("permitPullTopic"); + isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult); + Assert.assertTrue(isReturn); + + loginOrRequestAccessControl.setTopic("noPermitPullTopic"); + isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult); + Assert.assertFalse(isReturn); + + loginOrRequestAccessControl.setTopic("nopermitPullTopic"); + isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult); + Assert.assertTrue(isReturn); + + } +} diff --git a/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngineTest.java b/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngineTest.java index 30951c6ee55ce669b03980956e733e4bd0ee8330..d126f19f666d2f4eb2401da4efc5978877f2c8da 100644 --- a/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngineTest.java +++ b/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngineTest.java @@ -1,12 +1,217 @@ package org.apache.rocketmq.acl.plug.engine; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.lang.reflect.Field; +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.concurrent.ConcurrentHashMap; + +import org.apache.rocketmq.acl.plug.entity.AccessControl; +import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo; +import org.apache.rocketmq.acl.plug.entity.AuthenticationResult; +import org.apache.rocketmq.acl.plug.entity.BorkerAccessControl; +import org.apache.rocketmq.acl.plug.entity.BorkerAccessControlTransport; +import org.apache.rocketmq.acl.plug.entity.ControllerParametersEntity; +import org.apache.rocketmq.acl.plug.entity.LoginInfo; +import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl; +import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException; +import org.apache.rocketmq.common.MixAll; +import org.junit.Assert; +import org.junit.Before; import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.internal.util.reflection.FieldSetter; +import org.mockito.junit.MockitoJUnitRunner; +import org.yaml.snakeyaml.Yaml; +@RunWith(MockitoJUnitRunner.class) public class PlainAclPlugEngineTest { - @Test + PlainAclPlugEngine plainAclPlugEngine; + + BorkerAccessControlTransport transport; + + AccessControl accessControl; + + AccessControl accessControlTwo; + + Map loginInfoMap; + + @Before + public void init() throws FileNotFoundException, NoSuchFieldException, SecurityException { + String home = System.getProperty(MixAll.ROCKETMQ_HOME_PROPERTY, System.getenv(MixAll.ROCKETMQ_HOME_ENV)); + Yaml ymal = new Yaml(); + String filePath = home + "/conf/transport.yml"; + FileInputStream fis = new FileInputStream(new File(filePath)); + transport = ymal.loadAs(fis, BorkerAccessControlTransport.class); + + ControllerParametersEntity controllerParametersEntity = new ControllerParametersEntity(); + controllerParametersEntity.setFileHome(home); + plainAclPlugEngine = new PlainAclPlugEngine(controllerParametersEntity); + + accessControl = new BorkerAccessControl(); + accessControl.setAccount("rokcetmq"); + accessControl.setPassword("aliyun"); + accessControl.setNetaddress("127.0.0.1"); + accessControl.setRecognition("127.0.0.1:1"); + + accessControlTwo = new BorkerAccessControl(); + accessControlTwo.setAccount("rokcet"); + accessControlTwo.setPassword("aliyun"); + accessControlTwo.setNetaddress("127.0.0.1"); + accessControlTwo.setRecognition("127.0.0.1:2"); + + loginInfoMap = new ConcurrentHashMap<>(); + FieldSetter.setField(plainAclPlugEngine, plainAclPlugEngine.getClass().getSuperclass().getDeclaredField("loginInfoMap"), loginInfoMap); + + } + + @Test(expected = AclPlugAccountAnalysisException.class) public void testPlainAclPlugEngineInit() { - //PlainAclPlugEngine plainAclPlugEngine = new PlainAclPlugEngine(); - //plainAclPlugEngine.init(); + ControllerParametersEntity controllerParametersEntity = new ControllerParametersEntity(); + new PlainAclPlugEngine(controllerParametersEntity); + + } + + @Test + public void authenticationInfoOfSetAccessControl() { + AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine; + aclPlugEngine.setAccessControl(accessControl); + + AuthenticationInfo authenticationInfo = aclPlugEngine.getAccessControl(accessControl); + + AccessControl getAccessControl = authenticationInfo.getAccessControl(); + Assert.assertEquals(accessControl, getAccessControl); + + AccessControl testAccessControl = new AccessControl(); + testAccessControl.setAccount("rokcetmq"); + testAccessControl.setPassword("aliyun"); + testAccessControl.setNetaddress("127.0.0.1"); + testAccessControl.setRecognition("127.0.0.1:1"); + + testAccessControl.setAccount("rokcetmq1"); + authenticationInfo = aclPlugEngine.getAccessControl(testAccessControl); + Assert.assertNull(authenticationInfo); + + testAccessControl.setAccount("rokcetmq"); + testAccessControl.setPassword("1"); + authenticationInfo = aclPlugEngine.getAccessControl(testAccessControl); + Assert.assertNull(authenticationInfo); + + testAccessControl.setNetaddress("127.0.0.2"); + authenticationInfo = aclPlugEngine.getAccessControl(testAccessControl); + Assert.assertNull(authenticationInfo); + } + + @Test + public void setAccessControlList() { + List accessControlList = new ArrayList<>(); + accessControlList.add(accessControl); + + accessControlList.add(accessControlTwo); + + plainAclPlugEngine.setAccessControlList(accessControlList); + + AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine; + AuthenticationInfo newAccessControl = aclPlugEngine.getAccessControl(accessControl); + Assert.assertEquals(accessControl, newAccessControl.getAccessControl()); + + newAccessControl = aclPlugEngine.getAccessControl(accessControlTwo); + Assert.assertEquals(accessControlTwo, newAccessControl.getAccessControl()); + + } + + @Test + public void setNetaddressAccessControl() { + AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine; + AccessControl accessControl = new BorkerAccessControl(); + accessControl.setNetaddress("127.0.0.1"); + aclPlugEngine.setAccessControl(accessControl); + aclPlugEngine.setNetaddressAccessControl(accessControl); + + AuthenticationInfo authenticationInfo = aclPlugEngine.getAccessControl(accessControl); + + AccessControl getAccessControl = authenticationInfo.getAccessControl(); + Assert.assertEquals(accessControl, getAccessControl); + + accessControl.setNetaddress("127.0.0.2"); + authenticationInfo = aclPlugEngine.getAccessControl(accessControl); + Assert.assertNull(authenticationInfo); + } + + public void eachCheckLoginAndAuthentication() { + + } + + @Test(expected = AclPlugAccountAnalysisException.class) + public void borkerAccessControlTransportTestNull() { + plainAclPlugEngine.setBorkerAccessControlTransport(new BorkerAccessControlTransport()); + } + + @Test + public void borkerAccessControlTransportTest() { + BorkerAccessControlTransport borkerAccessControlTransprt = new BorkerAccessControlTransport(); + borkerAccessControlTransprt.setOnlyNetAddress((BorkerAccessControl) this.accessControl); + List list = new ArrayList<>(); + list.add((BorkerAccessControl) this.accessControlTwo); + borkerAccessControlTransprt.setList(list); + plainAclPlugEngine.setBorkerAccessControlTransport(borkerAccessControlTransprt); + + AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine; + AccessControl accessControl = new BorkerAccessControl(); + accessControl.setNetaddress("127.0.0.1"); + aclPlugEngine.setAccessControl(accessControl); + AuthenticationInfo authenticationInfo = aclPlugEngine.getAccessControl(accessControl); + Assert.assertNotNull(authenticationInfo.getAccessControl()); + + authenticationInfo = aclPlugEngine.getAccessControl(accessControlTwo); + Assert.assertEquals(accessControlTwo, authenticationInfo.getAccessControl()); + + } + + @Test + public void getLoginInfo() { + plainAclPlugEngine.setAccessControl(accessControl); + LoginInfo loginInfo = plainAclPlugEngine.getLoginInfo(accessControl); + Assert.assertNotNull(loginInfo); + + loginInfo = plainAclPlugEngine.getLoginInfo(accessControlTwo); + Assert.assertNull(loginInfo); + + } + + @Test + public void deleteLoginInfo() { + plainAclPlugEngine.setAccessControl(accessControl); + plainAclPlugEngine.getLoginInfo(accessControl); + + LoginInfo loginInfo = loginInfoMap.get(accessControl.getRecognition()); + Assert.assertNotNull(loginInfo); + + plainAclPlugEngine.deleteLoginInfo(accessControl.getRecognition()); + + loginInfo = loginInfoMap.get(accessControl.getRecognition()); + Assert.assertNull(loginInfo); + } + + @Test + public void getAuthenticationInfo() { + LoginOrRequestAccessControl loginOrRequestAccessControl = new LoginOrRequestAccessControl(); + loginOrRequestAccessControl.setAccount("rokcetmq"); + loginOrRequestAccessControl.setPassword("aliyun"); + loginOrRequestAccessControl.setNetaddress("127.0.0.1"); + loginOrRequestAccessControl.setRecognition("127.0.0.1:1"); + + AuthenticationResult authenticationResult = new AuthenticationResult(); + plainAclPlugEngine.getAuthenticationInfo(loginOrRequestAccessControl, authenticationResult); + Assert.assertEquals("Login information does not exist, Please check login, password, IP", authenticationResult.getResultString()); + + plainAclPlugEngine.setAccessControl(accessControl); + AuthenticationInfo authenticationInfo = plainAclPlugEngine.getAuthenticationInfo(loginOrRequestAccessControl, authenticationResult); + Assert.assertNotNull(authenticationInfo); + } } diff --git a/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/strategy/NetaddressStrategyTest.java b/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/strategy/NetaddressStrategyTest.java new file mode 100644 index 0000000000000000000000000000000000000000..bf9101b200f637aad4fe6b892a982866aecef5dd --- /dev/null +++ b/acl-plug/src/test/java/org/apache/rocketmq/acl/plug/strategy/NetaddressStrategyTest.java @@ -0,0 +1,182 @@ +package org.apache.rocketmq.acl.plug.strategy; + +import org.apache.rocketmq.acl.plug.entity.AccessControl; +import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException; +import org.junit.Assert; +import org.junit.Test; + +public class NetaddressStrategyTest { + + NetaddressStrategyFactory netaddressStrategyFactory = new NetaddressStrategyFactory(); + + @Test + public void NetaddressStrategyFactoryTest() { + AccessControl accessControl = new AccessControl(); + NetaddressStrategy netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + Assert.assertEquals(netaddressStrategy, NullNetaddressStrategy.NULL_NET_ADDRESS_STRATEGY); + + accessControl.setNetaddress("*"); + netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + Assert.assertEquals(netaddressStrategy, NullNetaddressStrategy.NULL_NET_ADDRESS_STRATEGY); + + accessControl.setNetaddress("127.0.0.1"); + netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + Assert.assertEquals(netaddressStrategy.getClass(), OneNetaddressStrategy.class); + + accessControl.setNetaddress("127.0.0.1,127.0.0.2,127.0.0.3"); + netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + Assert.assertEquals(netaddressStrategy.getClass(), MultipleNetaddressStrategy.class); + + accessControl.setNetaddress("127.0.0.{1,2,3}"); + netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + Assert.assertEquals(netaddressStrategy.getClass(), MultipleNetaddressStrategy.class); + + accessControl.setNetaddress("127.0.0.1-200"); + netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + Assert.assertEquals(netaddressStrategy.getClass(), RangeNetaddressStrategy.class); + + accessControl.setNetaddress("127.0.0.*"); + netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + Assert.assertEquals(netaddressStrategy.getClass(), RangeNetaddressStrategy.class); + + accessControl.setNetaddress("127.0.1-20.*"); + netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + Assert.assertEquals(netaddressStrategy.getClass(), RangeNetaddressStrategy.class); + } + + @Test(expected = AclPlugAccountAnalysisException.class) + public void verifyTest() { + new OneNetaddressStrategy("127.0.0.1"); + + new OneNetaddressStrategy("256.0.0.1"); + } + + @Test + public void nullNetaddressStrategyTest() { + boolean isMatch = NullNetaddressStrategy.NULL_NET_ADDRESS_STRATEGY.match(new AccessControl()); + Assert.assertTrue(isMatch); + } + + public void oneNetaddressStrategyTest() { + OneNetaddressStrategy netaddressStrategy = new OneNetaddressStrategy("127.0.0.1"); + AccessControl accessControl = new AccessControl(); + boolean match = netaddressStrategy.match(accessControl); + Assert.assertFalse(match); + + accessControl.setNetaddress("127.0.0.2"); + match = netaddressStrategy.match(accessControl); + Assert.assertFalse(match); + + accessControl.setNetaddress("127.0.0.1"); + match = netaddressStrategy.match(accessControl); + Assert.assertTrue(match); + } + + @Test + public void multipleNetaddressStrategyTest() { + AccessControl accessControl = new AccessControl(); + accessControl.setNetaddress("127.0.0.1,127.0.0.2,127.0.0.3"); + NetaddressStrategy netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + multipleNetaddressStrategyTest(netaddressStrategy); + + accessControl.setNetaddress("127.0.0.{1,2,3}"); + netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + multipleNetaddressStrategyTest(netaddressStrategy); + + } + + @Test(expected = AclPlugAccountAnalysisException.class) + public void multipleNetaddressStrategyExceptionTest() { + AccessControl accessControl = new AccessControl(); + accessControl.setNetaddress("127.0.0.1,2,3}"); + netaddressStrategyFactory.getNetaddressStrategy(accessControl); + } + + private void multipleNetaddressStrategyTest(NetaddressStrategy netaddressStrategy) { + AccessControl accessControl = new AccessControl(); + accessControl.setNetaddress("127.0.0.1"); + boolean match = netaddressStrategy.match(accessControl); + Assert.assertTrue(match); + + accessControl.setNetaddress("127.0.0.2"); + match = netaddressStrategy.match(accessControl); + Assert.assertTrue(match); + + accessControl.setNetaddress("127.0.0.3"); + match = netaddressStrategy.match(accessControl); + Assert.assertTrue(match); + + accessControl.setNetaddress("127.0.0.4"); + match = netaddressStrategy.match(accessControl); + Assert.assertFalse(match); + + accessControl.setNetaddress("127.0.0.0"); + match = netaddressStrategy.match(accessControl); + Assert.assertFalse(match); + + } + + @Test + public void rangeNetaddressStrategyTest() { + String head = "127.0.0."; + AccessControl accessControl = new AccessControl(); + accessControl.setNetaddress("127.0.0.1-200"); + NetaddressStrategy netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + rangeNetaddressStrategyTest(netaddressStrategy, head, 1, 200, true); + accessControl.setNetaddress("127.0.0.*"); + netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + rangeNetaddressStrategyTest(netaddressStrategy, head, 0, 255, true); + + accessControl.setNetaddress("127.0.1-200.*"); + netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + rangeNetaddressStrategyThirdlyTest(netaddressStrategy, head, 1, 200); + } + + private void rangeNetaddressStrategyTest(NetaddressStrategy netaddressStrategy, String head, int start, int end, + boolean isFalse) { + AccessControl accessControl = new AccessControl(); + for (int i = -10; i < 300; i++) { + accessControl.setNetaddress(head + i); + boolean match = netaddressStrategy.match(accessControl); + if (isFalse && i >= start && i <= end) { + Assert.assertTrue(match); + continue; + } + Assert.assertFalse(match); + + } + } + + private void rangeNetaddressStrategyThirdlyTest(NetaddressStrategy netaddressStrategy, String head, int start, + int end) { + String newHead; + for (int i = -10; i < 300; i++) { + newHead = head + i; + if (i >= start && i <= end) { + rangeNetaddressStrategyTest(netaddressStrategy, newHead, 0, 255, false); + } + } + } + + @Test(expected = AclPlugAccountAnalysisException.class) + public void rangeNetaddressStrategyExceptionStartGreaterEndTest() { + rangeNetaddressStrategyExceptionTest("127.0.0.2-1"); + } + + @Test(expected = AclPlugAccountAnalysisException.class) + public void rangeNetaddressStrategyExceptionScopeTest() { + rangeNetaddressStrategyExceptionTest("127.0.0.-1-200"); + } + + @Test(expected = AclPlugAccountAnalysisException.class) + public void rangeNetaddressStrategyExceptionScopeTwoTest() { + rangeNetaddressStrategyExceptionTest("127.0.0.0-256"); + } + + private void rangeNetaddressStrategyExceptionTest(String netaddress) { + AccessControl accessControl = new AccessControl(); + accessControl.setNetaddress(netaddress); + netaddressStrategyFactory.getNetaddressStrategy(accessControl); + } + +} diff --git a/acl-plug/src/test/resources/transport.yml b/acl-plug/src/test/resources/conf/transport.yml similarity index 100% rename from acl-plug/src/test/resources/transport.yml rename to acl-plug/src/test/resources/conf/transport.yml diff --git a/broker/src/main/java/org/apache/rocketmq/broker/BrokerController.java b/broker/src/main/java/org/apache/rocketmq/broker/BrokerController.java index b080716bd2a2561f909af3cb3359814fec47e764..2ebf5998a73f9a3af1fedccbf093003e2e078272 100644 --- a/broker/src/main/java/org/apache/rocketmq/broker/BrokerController.java +++ b/broker/src/main/java/org/apache/rocketmq/broker/BrokerController.java @@ -32,10 +32,10 @@ import java.util.concurrent.LinkedBlockingQueue; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.ThreadPoolExecutor; import java.util.concurrent.TimeUnit; - import org.apache.commons.lang3.StringUtils; import org.apache.rocketmq.acl.plug.AclPlugController; import org.apache.rocketmq.acl.plug.AclRemotingServer; +import org.apache.rocketmq.acl.plug.entity.ControllerParametersEntity; import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl; import org.apache.rocketmq.broker.client.ClientHousekeepingService; import org.apache.rocketmq.broker.client.ConsumerIdsChangeListener; @@ -107,7 +107,6 @@ import org.apache.rocketmq.store.config.MessageStoreConfig; import org.apache.rocketmq.store.stats.BrokerStats; import org.apache.rocketmq.store.stats.BrokerStatsManager; - public class BrokerController { private static final InternalLogger log = InternalLoggerFactory.getLogger(LoggerName.BROKER_LOGGER_NAME); private static final InternalLogger LOG_PROTECTION = InternalLoggerFactory.getLogger(LoggerName.PROTECTION_LOGGER_NAME); @@ -163,6 +162,8 @@ public class BrokerController { private TransactionalMessageService transactionalMessageService; private AbstractTransactionalMessageCheckListener transactionalMessageCheckListener; + private AclPlugController aclPlugController; + public BrokerController( final BrokerConfig brokerConfig, final NettyServerConfig nettyServerConfig, @@ -298,7 +299,6 @@ public class BrokerController { this.heartbeatThreadPoolQueue, new ThreadFactoryImpl("HeartbeatThread_",true)); - this.consumerManageExecutor = Executors.newFixedThreadPool(this.brokerConfig.getConsumerManageThreadPoolNums(), new ThreadFactoryImpl( "ConsumerManageThread_")); @@ -486,41 +486,46 @@ public class BrokerController { } private void initialAclPlug() { - try { - if(!this.brokerConfig.isAclPlug()) { - return; - } - AclPlugController aclPlugController = new AclPlugController(null); - if(!aclPlugController.isStartSucceed()) { - return; - } - final AclRemotingServer aclRemotingServe = aclPlugController.getAclRemotingServer(); - this.registerServerRPCHook(new RPCHook() { - - @Override - public void doBeforeRequest(String remoteAddr, RemotingCommand request) { - HashMap extFields = request.getExtFields(); - LoginOrRequestAccessControl accessControl = new LoginOrRequestAccessControl(); - accessControl.setCode(request.getCode()); - accessControl.setRecognition(remoteAddr); - if( extFields != null ) { - accessControl.setAccount(extFields.get("account")); - accessControl.setPassword(extFields.get("password")); - accessControl.setNetaddress(StringUtils.split(remoteAddr,":")[0]); - accessControl.setTopic(extFields.get("topic")); - } - aclRemotingServe.eachCheck(accessControl); - } - - @Override - public void doAfterResponse(String remoteAddr, RemotingCommand request, RemotingCommand response) {} - }); - - }catch(Exception e) { - - } - } - + try { + if (!this.brokerConfig.isAclPlug()) { + log.info("Default does not start acl plug"); + return; + } + ControllerParametersEntity controllerParametersEntity = new ControllerParametersEntity(); + controllerParametersEntity.setFileHome(brokerConfig.getRocketmqHome()); + aclPlugController = new AclPlugController(controllerParametersEntity); + if (!aclPlugController.isStartSucceed()) { + log.error("start acl plug failure"); + return; + } + final AclRemotingServer aclRemotingServe = aclPlugController.getAclRemotingServer(); + this.registerServerRPCHook(new RPCHook() { + + @Override + public void doBeforeRequest(String remoteAddr, RemotingCommand request) { + HashMap extFields = request.getExtFields(); + LoginOrRequestAccessControl accessControl = new LoginOrRequestAccessControl(); + accessControl.setCode(request.getCode()); + accessControl.setRecognition(remoteAddr); + if (extFields != null) { + accessControl.setAccount(extFields.get("account")); + accessControl.setPassword(extFields.get("password")); + accessControl.setNetaddress(StringUtils.split(remoteAddr, ":")[0]); + accessControl.setTopic(extFields.get("topic")); + } + aclRemotingServe.eachCheck(accessControl); + } + + @Override + public void doAfterResponse(String remoteAddr, RemotingCommand request, RemotingCommand response) { + } + }); + + } catch (Exception e) { + log.error(e.getMessage(), e); + } + } + public void registerProcessor() { /** * SendMessageProcessor @@ -1071,4 +1076,8 @@ public class BrokerController { AbstractTransactionalMessageCheckListener transactionalMessageCheckListener) { this.transactionalMessageCheckListener = transactionalMessageCheckListener; } + + public AclPlugController getAclPlugController() { + return this.aclPlugController; + } } diff --git a/broker/src/main/java/org/apache/rocketmq/broker/client/ClientHousekeepingService.java b/broker/src/main/java/org/apache/rocketmq/broker/client/ClientHousekeepingService.java index d536db5055eb2c2b7b6d8b5f4c80af743dd81a50..04794d1dc1ba1f825a934d71732ab0568e4861e3 100644 --- a/broker/src/main/java/org/apache/rocketmq/broker/client/ClientHousekeepingService.java +++ b/broker/src/main/java/org/apache/rocketmq/broker/client/ClientHousekeepingService.java @@ -72,6 +72,7 @@ public class ClientHousekeepingService implements ChannelEventListener { this.brokerController.getProducerManager().doChannelCloseEvent(remoteAddr, channel); this.brokerController.getConsumerManager().doChannelCloseEvent(remoteAddr, channel); this.brokerController.getFilterServerManager().doChannelCloseEvent(remoteAddr, channel); + this.brokerController.getAclPlugController().doChannelCloseEvent(remoteAddr); } @Override diff --git a/common/src/main/java/org/apache/rocketmq/common/BrokerConfig.java b/common/src/main/java/org/apache/rocketmq/common/BrokerConfig.java index a8c286eba990fe41f7c2eff31f5352b9b3e41d7c..3aa16012cca7069133339000028dd7382c33ca4d 100644 --- a/common/src/main/java/org/apache/rocketmq/common/BrokerConfig.java +++ b/common/src/main/java/org/apache/rocketmq/common/BrokerConfig.java @@ -63,7 +63,7 @@ public class BrokerConfig { private int adminBrokerThreadPoolNums = 16; private int clientManageThreadPoolNums = 32; private int consumerManageThreadPoolNums = 32; - private int heartbeatThreadPoolNums = Math.min(32,Runtime.getRuntime().availableProcessors()); + private int heartbeatThreadPoolNums = Math.min(32, Runtime.getRuntime().availableProcessors()); private int flushConsumerOffsetInterval = 1000 * 5; @@ -163,8 +163,7 @@ public class BrokerConfig { */ @ImportantField private long transactionCheckInterval = 60 * 1000; - - + private boolean isAclPlug; public boolean isTraceOn() { @@ -705,12 +704,12 @@ public class BrokerConfig { this.transactionCheckInterval = transactionCheckInterval; } - public boolean isAclPlug() { - return isAclPlug; - } + public boolean isAclPlug() { + return isAclPlug; + } + + public void setAclPlug(boolean isAclPlug) { + this.isAclPlug = isAclPlug; + } - public void setAclPlug(boolean isAclPlug) { - this.isAclPlug = isAclPlug; - } - } diff --git a/common/src/main/java/org/apache/rocketmq/common/constant/LoggerName.java b/common/src/main/java/org/apache/rocketmq/common/constant/LoggerName.java index 12070ddc34ee8076cc22c3e92afa65641833441e..46a6e45ab6f084f759a683b61faa12a8f21f632d 100644 --- a/common/src/main/java/org/apache/rocketmq/common/constant/LoggerName.java +++ b/common/src/main/java/org/apache/rocketmq/common/constant/LoggerName.java @@ -36,4 +36,5 @@ public class LoggerName { public static final String PROTECTION_LOGGER_NAME = "RocketmqProtection"; public static final String WATER_MARK_LOGGER_NAME = "RocketmqWaterMark"; public static final String FILTER_LOGGER_NAME = "RocketmqFilter"; + public static final String ACL_PLUG_LOGGER_NAME = "RocketmqAclPlug"; }