提交 693243e8 编写于 作者: H hujie

finishing

上级 7c2b40c3
......@@ -21,9 +21,7 @@ import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Map.Entry;
import org.apache.commons.lang3.StringUtils;
import org.apache.rocketmq.acl.plug.annotation.RequestCode;
import org.apache.rocketmq.acl.plug.entity.AccessControl;
import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
......@@ -31,23 +29,23 @@ public class AccessContralAnalysis {
private Map<Class<?>, Map<Integer, Field>> classTocodeAndMentod = new HashMap<>();
private Map<String , Integer> fieldNameAndCode = new HashMap<>();
private Map<String, Integer> fieldNameAndCode = new HashMap<>();
public void analysisClass(Class<?> clazz) {
Field[] fields = clazz.getDeclaredFields();
try {
for(Field field : fields) {
if( field.getType().equals(int.class)) {
String name = StringUtils.replace(field.getName(), "_", "").toLowerCase();
fieldNameAndCode.put(name, (Integer)field.get(null));
}
}
} catch (IllegalArgumentException | IllegalAccessException e) {
throw new AclPlugAccountAnalysisException(String.format("analysis on failure Class is %s", clazz.getName()), e);
}
Field[] fields = clazz.getDeclaredFields();
try {
for (Field field : fields) {
if (field.getType().equals(int.class)) {
String name = StringUtils.replace(field.getName(), "_", "").toLowerCase();
fieldNameAndCode.put(name, (Integer) field.get(null));
}
}
} catch (IllegalArgumentException | IllegalAccessException e) {
throw new AclPlugAccountAnalysisException(String.format("analysis on failure Class is %s", clazz.getName()), e);
}
}
public Map<Integer, Boolean> analysis(AccessControl accessControl) {
Class<? extends AccessControl> clazz = accessControl.getClass();
Map<Integer, Field> codeAndField = classTocodeAndMentod.get(clazz);
......@@ -55,18 +53,18 @@ public class AccessContralAnalysis {
codeAndField = new HashMap<>();
Field[] fields = clazz.getDeclaredFields();
for (Field field : fields) {
if(!field.getType().equals(boolean.class))
continue;
Integer code = fieldNameAndCode.get(field.getName().toLowerCase());
if(code == null) {
throw new AclPlugAccountAnalysisException(String.format("field nonexistent in code", field.getName()));
}
field.setAccessible( true );
codeAndField.put(code, field);
if (!field.getType().equals(boolean.class))
continue;
Integer code = fieldNameAndCode.get(field.getName().toLowerCase());
if (code == null) {
throw new AclPlugAccountAnalysisException(String.format("field nonexistent in code fieldName is %s", field.getName()));
}
field.setAccessible(true);
codeAndField.put(code, field);
}
if(codeAndField.isEmpty()) {
throw new AclPlugAccountAnalysisException(String.format("AccessControl nonexistent code , name %s" , accessControl.getClass().getName()));
if (codeAndField.isEmpty()) {
throw new AclPlugAccountAnalysisException(String.format("AccessControl nonexistent code , name %s", accessControl.getClass().getName()));
}
classTocodeAndMentod.put(clazz, codeAndField);
}
......
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.rocketmq.acl.plug.annotation;
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Documented
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.FIELD})
public @interface RequestCode {
int code();
}
......@@ -37,25 +37,18 @@ import org.apache.rocketmq.logging.InternalLoggerFactory;
public abstract class AuthenticationInfoManagementAclPlugEngine implements AclPlugEngine {
private static final InternalLogger log = InternalLoggerFactory.getLogger(LoggerName.ACL_PLUG_LOGGER_NAME);
ControllerParametersEntity controllerParametersEntity;
private Map<String/** account **/, Map<String/** netaddress **/, AuthenticationInfo>> accessControlMap = new HashMap<>();
private AuthenticationInfo authenticationInfo;
private NetaddressStrategyFactory netaddressStrategyFactory = new NetaddressStrategyFactory();
private AccessContralAnalysis accessContralAnalysis = new AccessContralAnalysis();
private Authentication authentication = new Authentication();
ControllerParametersEntity controllerParametersEntity;
public AuthenticationInfoManagementAclPlugEngine(ControllerParametersEntity controllerParametersEntity) {
public AuthenticationInfoManagementAclPlugEngine(ControllerParametersEntity controllerParametersEntity) {
this.controllerParametersEntity = controllerParametersEntity;
accessContralAnalysis.analysisClass(controllerParametersEntity.getAccessContralAnalysisClass());
}
}
public void setAccessControl(AccessControl accessControl) throws AclPlugAccountAnalysisException {
if (accessControl.getAccount() == null || accessControl.getPassword() == null || accessControl.getAccount().length() <= 6 || accessControl.getPassword().length() <= 6) {
throw new AclPlugAccountAnalysisException(String.format("The account password cannot be null and is longer than 6, account is %s password is %s", accessControl.getAccount(), accessControl.getPassword()));
......
......@@ -18,7 +18,6 @@ package org.apache.rocketmq.acl.plug.engine;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.rocketmq.acl.plug.entity.AccessControl;
import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo;
import org.apache.rocketmq.acl.plug.entity.AuthenticationResult;
......@@ -30,11 +29,10 @@ public abstract class LoginInfoAclPlugEngine extends AuthenticationInfoManagemen
private Map<String, LoginInfo> loginInfoMap = new ConcurrentHashMap<>();
public LoginInfoAclPlugEngine(ControllerParametersEntity controllerParametersEntity) {
super(controllerParametersEntity);
}
public LoginInfoAclPlugEngine(ControllerParametersEntity controllerParametersEntity) {
super(controllerParametersEntity);
}
public LoginInfo getLoginInfo(AccessControl accessControl) {
LoginInfo loginInfo = loginInfoMap.get(accessControl.getRecognition());
if (loginInfo == null) {
......
......@@ -26,10 +26,10 @@ import org.yaml.snakeyaml.Yaml;
public class PlainAclPlugEngine extends LoginInfoAclPlugEngine {
private ControllerParametersEntity controllerParametersEntity;
public PlainAclPlugEngine(ControllerParametersEntity controllerParametersEntity) throws AclPlugAccountAnalysisException {
super(controllerParametersEntity);
public PlainAclPlugEngine(
ControllerParametersEntity controllerParametersEntity) throws AclPlugAccountAnalysisException {
super(controllerParametersEntity);
init();
}
......
......@@ -18,7 +18,6 @@ package org.apache.rocketmq.acl.plug.entity;
import java.util.HashSet;
import java.util.Set;
import org.apache.rocketmq.acl.plug.annotation.RequestCode;
public class BorkerAccessControl extends AccessControl {
......@@ -28,101 +27,101 @@ public class BorkerAccessControl extends AccessControl {
private Set<String> noPermitPullTopic = new HashSet<>();
private boolean sendMessage = true;
private boolean sendMessageV2 = true;
private boolean sendBatchMessage = true;
private boolean consumerSendMsgBack = true;
@RequestCode(code = 11)
private boolean pullMessage = true;
@RequestCode(code = 12)
private boolean queryMessage = true;
@RequestCode(code = 33)
private boolean viewMessageById = true;
@RequestCode(code = 34)
private boolean heartBeat = true;
@RequestCode(code = 35)
private boolean unregisterClient = true;
@RequestCode(code = 46)
private boolean checkClientConfig = true;
@RequestCode(code = 38)
private boolean getConsumerListByGroup = true;
@RequestCode(code = 15)
private boolean updateConsumerOffset = true;
@RequestCode(code = 14)
private boolean queryConsumerOffset = true;
@RequestCode(code = 37)
private boolean endTransaction = true;
@RequestCode(code = 17)
private boolean updateAndCreateTopic = true;
@RequestCode(code = 215)
private boolean deleteTopicInbroker = true;
@RequestCode(code = 21)
private boolean getAllTopicConfig = true;
@RequestCode(code = 25)
private boolean updateBrokerConfig = true;
@RequestCode(code = 26)
private boolean getBrokerConfig = true;
@RequestCode(code = 29)
private boolean searchOffsetByTimestamp = true;
@RequestCode(code = 30)
private boolean getMaxOffset = true;
@RequestCode(code = 31)
private boolean getMixOffset = true;
@RequestCode(code = 32)
private boolean getMinOffset = true;
private boolean getEarliestMsgStoretime = true;
@RequestCode(code = 28)
private boolean getBrokerRuntimeInfo = true;
@RequestCode(code = 41)
private boolean lockBatchMQ = true;
@RequestCode(code = 42)
private boolean unlockBatchMQ = true;
@RequestCode(code = 200)
private boolean updateAndCreteSubscriptiongroup = true;
@RequestCode(code = 201)
private boolean updateAndCreateSubscriptiongroup = true;
private boolean getAllSubscriptiongroupConfig = true;
@RequestCode(code = 207)
private boolean deleteSubscriptiongroup = true;
@RequestCode(code = 202)
private boolean getTopicStatsInfo = true;
@RequestCode(code = 203)
private boolean getConsumerConnectionList = true;
@RequestCode(code = 204)
private boolean getProducerConnectionList = true;
@RequestCode(code = 208)
private boolean getConsumeStats = true;
@RequestCode(code = 43)
private boolean getAllConsumerOffset = true;
@RequestCode(code = 25)
private boolean getAllDelayOffset = true;
@RequestCode(code = 222)
private boolean invokeBrokerToresetOffset = true;
@RequestCode(code = 300)
private boolean queryTopicConsumByWho = true;
@RequestCode(code = 301)
private boolean queryTopicConsumeByWho = true;
private boolean registerFilterServer = true;
private boolean queryConsumeTimeSpan = true;
private boolean getSystemTopicListFromBroker = true;
@RequestCode(code = 306)
private boolean cleanExpiredConsumequeue = true;
@RequestCode(code = 316)
private boolean cleanUnusedTopic = true;
@RequestCode(code = 307)
private boolean getConsumerRunningInfo = true;
@RequestCode(code = 308)
private boolean queryCorrectionOffset = true;
@RequestCode(code = 309)
private boolean consumeMessageDirectly = true;
@RequestCode(code = 314)
private boolean cloneGroupOffset = true;
@RequestCode(code = 315)
private boolean viewBrokerStatsData = true;
@RequestCode(code = 317)
private boolean getBrokerConsumeStats = true;
@RequestCode(code = 321)
private boolean queryConsumeQueue = true;
public BorkerAccessControl() {
......@@ -325,16 +324,16 @@ public class BorkerAccessControl extends AccessControl {
return getMaxOffset;
}
public void setGetMaxOffset(boolean getMaxOffset) {
this.getMaxOffset = getMaxOffset;
public void setGetMaxOffset(boolean getMinOffset) {
this.getMaxOffset = getMinOffset;
}
public boolean isGetMixOffset() {
return getMixOffset;
public boolean isGetMinOffset() {
return getMinOffset;
}
public void setGetMixOffset(boolean getMixOffset) {
this.getMixOffset = getMixOffset;
public void setGetMinOffset(boolean getMinOffset) {
this.getMinOffset = getMinOffset;
}
public boolean isGetEarliestMsgStoretime() {
......@@ -369,12 +368,12 @@ public class BorkerAccessControl extends AccessControl {
this.unlockBatchMQ = unlockBatchMQ;
}
public boolean isUpdateAndCreteSubscriptiongroup() {
return updateAndCreteSubscriptiongroup;
public boolean isUpdateAndCreateSubscriptiongroup() {
return updateAndCreateSubscriptiongroup;
}
public void setUpdateAndCreteSubscriptiongroup(boolean updateAndCreteSubscriptiongroup) {
this.updateAndCreteSubscriptiongroup = updateAndCreteSubscriptiongroup;
public void setUpdateAndCreateSubscriptiongroup(boolean updateAndCreateSubscriptiongroup) {
this.updateAndCreateSubscriptiongroup = updateAndCreateSubscriptiongroup;
}
public boolean isGetAllSubscriptiongroupConfig() {
......@@ -449,12 +448,12 @@ public class BorkerAccessControl extends AccessControl {
this.invokeBrokerToresetOffset = invokeBrokerToresetOffset;
}
public boolean isQueryTopicConsumByWho() {
return queryTopicConsumByWho;
public boolean isQueryTopicConsumeByWho() {
return queryTopicConsumeByWho;
}
public void setQueryTopicConsumByWho(boolean queryTopicConsumByWho) {
this.queryTopicConsumByWho = queryTopicConsumByWho;
public void setQueryTopicConsumeByWho(boolean queryTopicConsumeByWho) {
this.queryTopicConsumeByWho = queryTopicConsumeByWho;
}
public boolean isRegisterFilterServer() {
......@@ -601,8 +600,8 @@ public class BorkerAccessControl extends AccessControl {
builder.append(", searchOffsetByTimestamp=").append(searchOffsetByTimestamp);
if (!getMaxOffset)
builder.append(", getMaxOffset=").append(getMaxOffset);
if (!getMixOffset)
builder.append(", getMixOffset=").append(getMixOffset);
if (!getMinOffset)
builder.append(", getMixOffset=").append(getMinOffset);
if (!getEarliestMsgStoretime)
builder.append(", getEarliestMsgStoretime=").append(getEarliestMsgStoretime);
if (!getBrokerRuntimeInfo)
......@@ -611,8 +610,8 @@ public class BorkerAccessControl extends AccessControl {
builder.append(", lockBatchMQ=").append(lockBatchMQ);
if (!unlockBatchMQ)
builder.append(", unlockBatchMQ=").append(unlockBatchMQ);
if (!updateAndCreteSubscriptiongroup)
builder.append(", updateAndCreteSubscriptiongroup=").append(updateAndCreteSubscriptiongroup);
if (!updateAndCreateSubscriptiongroup)
builder.append(", updateAndCreateSubscriptiongroup=").append(updateAndCreateSubscriptiongroup);
if (!getAllSubscriptiongroupConfig)
builder.append(", getAllSubscriptiongroupConfig=").append(getAllSubscriptiongroupConfig);
if (!deleteSubscriptiongroup)
......@@ -631,8 +630,8 @@ public class BorkerAccessControl extends AccessControl {
builder.append(", getAllDelayOffset=").append(getAllDelayOffset);
if (!invokeBrokerToresetOffset)
builder.append(", invokeBrokerToresetOffset=").append(invokeBrokerToresetOffset);
if (!queryTopicConsumByWho)
builder.append(", queryTopicConsumByWho=").append(queryTopicConsumByWho);
if (!queryTopicConsumeByWho)
builder.append(", queryTopicConsumeByWho=").append(queryTopicConsumeByWho);
if (!registerFilterServer)
builder.append(", registerFilterServer=").append(registerFilterServer);
if (!queryConsumeTimeSpan)
......
......@@ -23,7 +23,7 @@ public class ControllerParametersEntity {
private String fileHome;
private Class<?> accessContralAnalysisClass = RequestCode.class;
public String getFileHome() {
return fileHome;
}
......@@ -32,21 +32,20 @@ public class ControllerParametersEntity {
this.fileHome = fileHome;
}
public Class<?> getAccessContralAnalysisClass() {
return accessContralAnalysisClass;
}
public void setAccessContralAnalysisClass(Class<?> accessContralAnalysisClass) {
this.accessContralAnalysisClass = accessContralAnalysisClass;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("ControllerParametersEntity [fileHome=").append(fileHome).append(", accessContralAnalysisClass=")
.append(accessContralAnalysisClass).append("]");
return builder.toString();
}
return accessContralAnalysisClass;
}
public void setAccessContralAnalysisClass(Class<?> accessContralAnalysisClass) {
this.accessContralAnalysisClass = accessContralAnalysisClass;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("ControllerParametersEntity [fileHome=").append(fileHome).append(", accessContralAnalysisClass=")
.append(accessContralAnalysisClass).append("]");
return builder.toString();
}
}
......@@ -19,7 +19,6 @@ package org.apache.rocketmq.acl.plug;
import java.util.Iterator;
import java.util.Map;
import java.util.Map.Entry;
import org.apache.rocketmq.acl.plug.entity.AccessControl;
import org.apache.rocketmq.acl.plug.entity.BorkerAccessControl;
import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
......@@ -30,13 +29,13 @@ import org.junit.Test;
public class AccessContralAnalysisTest {
AccessContralAnalysis accessContralAnalysis = new AccessContralAnalysis();
@Before
public void init() {
accessContralAnalysis.analysisClass(RequestCode.class);
}
AccessContralAnalysis accessContralAnalysis = new AccessContralAnalysis();
@Before
public void init() {
accessContralAnalysis.analysisClass(RequestCode.class);
}
@Test
public void analysisTest() {
BorkerAccessControl accessControl = new BorkerAccessControl();
......@@ -54,12 +53,11 @@ public class AccessContralAnalysisTest {
}
Assert.assertEquals(num, 1);
}
@Test(expected=AclPlugAccountAnalysisException.class)
public void analysisExceptionTest(){
AccessControl accessControl = new AccessControl();
accessContralAnalysis.analysis(accessControl);
@Test(expected = AclPlugAccountAnalysisException.class)
public void analysisExceptionTest() {
AccessControl accessControl = new AccessControl();
accessContralAnalysis.analysis(accessControl);
}
}
......@@ -24,6 +24,7 @@ import org.apache.rocketmq.acl.plug.entity.AuthenticationResult;
import org.apache.rocketmq.acl.plug.entity.BorkerAccessControl;
import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl;
import org.apache.rocketmq.acl.plug.strategy.OneNetaddressStrategy;
import org.apache.rocketmq.common.protocol.RequestCode;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
......@@ -33,9 +34,9 @@ public class AuthenticationTest {
Authentication authentication = new Authentication();
AuthenticationInfo authenticationInfo;
BorkerAccessControl borkerAccessControl;
AuthenticationResult authenticationResult = new AuthenticationResult();
LoginOrRequestAccessControl loginOrRequestAccessControl = new LoginOrRequestAccessControl();
......@@ -63,6 +64,7 @@ public class AuthenticationTest {
borkerAccessControl.setNoPermitPullTopic(noPermitPullTopic);
AccessContralAnalysis accessContralAnalysis = new AccessContralAnalysis();
accessContralAnalysis.analysisClass(RequestCode.class);
Map<Integer, Boolean> map = accessContralAnalysis.analysis(borkerAccessControl);
authenticationInfo = new AuthenticationInfo(map, borkerAccessControl, netaddressStrategy);
......@@ -71,7 +73,6 @@ public class AuthenticationTest {
@Test
public void authenticationTest() {
loginOrRequestAccessControl.setCode(317);
boolean isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
......@@ -116,26 +117,26 @@ public class AuthenticationTest {
Assert.assertFalse(isReturn);
}
@Test
public void isEmptyTest() {
loginOrRequestAccessControl.setCode(10);
loginOrRequestAccessControl.setTopic("absentTopic");
boolean isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertFalse(isReturn);
Set<String> permitSendTopic = new HashSet<>();
borkerAccessControl.setPermitSendTopic(permitSendTopic);
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertTrue(isReturn);
loginOrRequestAccessControl.setCode(11);
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertFalse(isReturn);
borkerAccessControl.setPermitPullTopic(permitSendTopic);
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertTrue(isReturn);
loginOrRequestAccessControl.setCode(10);
loginOrRequestAccessControl.setTopic("absentTopic");
boolean isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertFalse(isReturn);
Set<String> permitSendTopic = new HashSet<>();
borkerAccessControl.setPermitSendTopic(permitSendTopic);
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertTrue(isReturn);
loginOrRequestAccessControl.setCode(11);
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertFalse(isReturn);
borkerAccessControl.setPermitPullTopic(permitSendTopic);
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertTrue(isReturn);
}
}
......@@ -83,31 +83,30 @@ public class PlainAclPlugEngineTest {
}
@Test(expected = AclPlugAccountAnalysisException.class)
public void accountNullTest() {
accessControl.setAccount(null);
plainAclPlugEngine.setAccessControl(accessControl);
accessControl.setAccount(null);
plainAclPlugEngine.setAccessControl(accessControl);
}
@Test(expected = AclPlugAccountAnalysisException.class)
public void accountThanTest() {
accessControl.setAccount("123");
plainAclPlugEngine.setAccessControl(accessControl);
accessControl.setAccount("123");
plainAclPlugEngine.setAccessControl(accessControl);
}
@Test(expected = AclPlugAccountAnalysisException.class)
public void passWordtNullTest() {
accessControl.setAccount(null);
plainAclPlugEngine.setAccessControl(accessControl);
accessControl.setAccount(null);
plainAclPlugEngine.setAccessControl(accessControl);
}
@Test(expected = AclPlugAccountAnalysisException.class)
public void passWordThanTest() {
accessControl.setAccount("123");
plainAclPlugEngine.setAccessControl(accessControl);
accessControl.setAccount("123");
plainAclPlugEngine.setAccessControl(accessControl);
}
@Test(expected = AclPlugAccountAnalysisException.class)
public void testPlainAclPlugEngineInit() {
ControllerParametersEntity controllerParametersEntity = new ControllerParametersEntity();
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册