-
Notifications
You must be signed in to change notification settings - Fork 1.9k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: HangyuanLiu <[email protected]>
- Loading branch information
1 parent
0f8fc55
commit 2c3c29c
Showing
27 changed files
with
932 additions
and
19 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
125 changes: 125 additions & 0 deletions
125
fe/fe-core/src/main/java/com/starrocks/authentication/FileGroupProvider.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,125 @@ | ||
| // Copyright 2021-present StarRocks, Inc. All rights reserved. | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // https://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| package com.starrocks.authentication; | ||
|
|
||
| import com.starrocks.StarRocksFE; | ||
| import com.starrocks.common.DdlException; | ||
| import com.starrocks.sql.analyzer.SemanticException; | ||
| import com.starrocks.sql.ast.UserIdentity; | ||
| import org.apache.logging.log4j.LogManager; | ||
| import org.apache.logging.log4j.Logger; | ||
|
|
||
| import java.io.FileInputStream; | ||
| import java.io.IOException; | ||
| import java.io.InputStream; | ||
| import java.io.InputStreamReader; | ||
| import java.io.Reader; | ||
| import java.net.URL; | ||
| import java.nio.charset.Charset; | ||
| import java.nio.charset.StandardCharsets; | ||
| import java.util.HashMap; | ||
| import java.util.HashSet; | ||
| import java.util.List; | ||
| import java.util.Map; | ||
| import java.util.Set; | ||
|
|
||
| public class FileGroupProvider extends GroupProvider { | ||
| private static final Logger LOG = LogManager.getLogger(FileGroupProvider.class); | ||
|
|
||
| public static final String TYPE = "file"; | ||
|
|
||
| public static final String GROUP_FILE_URL = "group_file_url"; | ||
|
|
||
| public static final Set<String> REQUIRED_PROPERTIES = new HashSet<>(List.of( | ||
| FileGroupProvider.GROUP_FILE_URL)); | ||
|
|
||
| private final Map<String, Set<String>> userGroups; | ||
|
|
||
| public FileGroupProvider(String name, Map<String, String> properties) { | ||
| super(name, properties); | ||
| this.userGroups = new HashMap<>(); | ||
| } | ||
|
|
||
| @Override | ||
| public void init() throws DdlException { | ||
| String groupFileUrl = properties.get(GROUP_FILE_URL); | ||
|
|
||
| try { | ||
| InputStream fileInputStream = null; | ||
| try { | ||
| if (groupFileUrl.startsWith("http://") || groupFileUrl.startsWith("https://")) { | ||
| fileInputStream = new URL(groupFileUrl).openStream(); | ||
| } else { | ||
| String filePath = StarRocksFE.STARROCKS_HOME_DIR + "/conf/" + groupFileUrl; | ||
| fileInputStream = new FileInputStream(filePath); | ||
| } | ||
|
|
||
| String s = readInputStreamToString(fileInputStream, StandardCharsets.UTF_8); | ||
| for (String line : s.split("\r?\n")) { | ||
| if (line.trim().isEmpty()) { | ||
| continue; | ||
| } | ||
|
|
||
| String[] parts = line.split(":"); | ||
| String groupName = parts[0]; | ||
| String[] users = parts[1].split(","); | ||
|
|
||
| for (String user : users) { | ||
| user = user.trim(); | ||
| userGroups.putIfAbsent(user, new HashSet<>()); | ||
| userGroups.get(user).add(groupName); | ||
| } | ||
| } | ||
| } finally { | ||
| if (fileInputStream != null) { | ||
| fileInputStream.close(); | ||
| } | ||
| } | ||
| } catch (IOException e) { | ||
| throw new DdlException(e.getMessage()); | ||
| } | ||
| } | ||
|
|
||
| @Override | ||
| public Set<String> getGroup(UserIdentity userIdentity) { | ||
| return userGroups.getOrDefault(userIdentity.getUser(), new HashSet<>()); | ||
| } | ||
|
|
||
| @Override | ||
| public void checkProperty() throws SemanticException { | ||
| REQUIRED_PROPERTIES.forEach(s -> { | ||
| if (!properties.containsKey(s)) { | ||
| throw new SemanticException("missing required property: " + s); | ||
| } | ||
| }); | ||
| } | ||
|
|
||
| public static String readInputStreamToString(final InputStream stream, final Charset charset) throws IOException { | ||
| final int bufferSize = 1024; | ||
| final char[] buffer = new char[bufferSize]; | ||
| final StringBuilder out = new StringBuilder(); | ||
|
|
||
| try (Reader in = new InputStreamReader(stream, charset)) { | ||
| while (true) { | ||
| int rsz = in.read(buffer, 0, buffer.length); | ||
| if (rsz < 0) { | ||
| break; | ||
| } | ||
| out.append(buffer, 0, rsz); | ||
| } | ||
| return out.toString(); | ||
| } | ||
| } | ||
| } |
65 changes: 65 additions & 0 deletions
65
fe/fe-core/src/main/java/com/starrocks/authentication/GroupProvider.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,65 @@ | ||
| // Copyright 2021-present StarRocks, Inc. All rights reserved. | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // https://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| package com.starrocks.authentication; | ||
|
|
||
| import com.google.gson.annotations.SerializedName; | ||
| import com.starrocks.common.DdlException; | ||
| import com.starrocks.sql.analyzer.SemanticException; | ||
| import com.starrocks.sql.ast.UserIdentity; | ||
|
|
||
| import java.util.Map; | ||
| import java.util.Set; | ||
|
|
||
| public abstract class GroupProvider { | ||
| public static final String GROUP_PROVIDER_PROPERTY_TYPE_KEY = "type"; | ||
|
|
||
| @SerializedName(value = "n") | ||
| protected String name; | ||
| @SerializedName(value = "m") | ||
| protected Map<String, String> properties; | ||
|
|
||
| public GroupProvider(String name, Map<String, String> properties) { | ||
| this.name = name; | ||
| this.properties = properties; | ||
| } | ||
|
|
||
| public void init() throws DdlException { | ||
|
|
||
| } | ||
|
|
||
| public void destory() { | ||
|
|
||
| } | ||
|
|
||
| public String getName() { | ||
| return name; | ||
| } | ||
|
|
||
| public String getType() { | ||
| return properties.get("type"); | ||
| } | ||
|
|
||
| public Map<String, String> getProperties() { | ||
| return properties; | ||
| } | ||
|
|
||
| public String getComment() { | ||
| return ""; | ||
| } | ||
|
|
||
| public abstract Set<String> getGroup(UserIdentity userIdentity); | ||
|
|
||
| public abstract void checkProperty() throws SemanticException; | ||
| } |
50 changes: 50 additions & 0 deletions
50
fe/fe-core/src/main/java/com/starrocks/authentication/GroupProviderFactory.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| // Copyright 2021-present StarRocks, Inc. All rights reserved. | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // https://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| package com.starrocks.authentication; | ||
|
|
||
| import com.google.common.base.Preconditions; | ||
| import com.google.common.collect.ImmutableSortedSet; | ||
| import com.starrocks.sql.analyzer.SemanticException; | ||
|
|
||
| import java.util.Map; | ||
|
|
||
| public class GroupProviderFactory { | ||
|
|
||
| private static final ImmutableSortedSet<String> SUPPORT_GROUP_PROVIDER = | ||
| ImmutableSortedSet.orderedBy(String.CASE_INSENSITIVE_ORDER) | ||
| .add(UnixGroupProvider.TYPE) | ||
| .add(FileGroupProvider.TYPE) | ||
| .build(); | ||
|
|
||
| public static void checkGroupProviderIsSupported(String groupProviderType) { | ||
| if (!SUPPORT_GROUP_PROVIDER.contains(groupProviderType)) { | ||
| throw new SemanticException("unsupported group provider type '" + groupProviderType + "'"); | ||
| } | ||
| } | ||
| public static GroupProvider createGroupProvider(String name, Map<String, String> propertyMap) { | ||
| String type = propertyMap.get(GroupProvider.GROUP_PROVIDER_PROPERTY_TYPE_KEY); | ||
| checkGroupProviderIsSupported(type); | ||
|
|
||
| GroupProvider groupProvider = null; | ||
| if (type.equalsIgnoreCase(FileGroupProvider.TYPE)) { | ||
| groupProvider = new FileGroupProvider(name, propertyMap); | ||
| } else if (type.equalsIgnoreCase(UnixGroupProvider.TYPE)) { | ||
| groupProvider = new UnixGroupProvider(name, propertyMap); | ||
| } | ||
|
|
||
| Preconditions.checkNotNull(groupProvider); | ||
| return groupProvider; | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.