From 3f1ad750db1bf953bd0c8ee6c77c3bd65496c3d0 Mon Sep 17 00:00:00 2001 From: peacewong Date: Thu, 3 Mar 2022 18:43:05 +0800 Subject: [PATCH] update restful supports proxy user mode #1590 --- .../linkis/server/utils/ModuleUserUtils.java | 9 ++- .../storage/fs/impl/LocalFileSystem.java | 1 - .../entrance/restful/EntranceRestfulApi.java | 6 +- .../entrance/EntranceWebSocketService.scala | 2 +- .../impl/LabelCheckInterceptor.scala | 5 -- .../parser/CommonEntranceParser.scala | 4 +- .../manager/am/restful/EMRestfulApi.java | 13 ++-- .../manager/am/restful/EngineRestfulApi.java | 20 ++--- .../restful/RMMonitorRest.scala | 9 ++- .../linkis/bml/restful/BmlProjectRestful.java | 15 ++-- .../linkis/bml/restful/BmlRestfulApi.java | 7 +- .../linkis/bml/restful/RestfulUtils.java | 4 +- .../cs/server/restful/CsRestfulParent.java | 4 +- .../linkis/cs/server/CsRestfulParent.java | 4 +- .../restful/api/DataSourceRestfulApi.java | 14 ++-- .../restful/api/MdqTableRestfulApi.java | 16 ++-- .../restful/api/ConfigurationRestfulApi.java | 14 ++-- .../label/restful/InstanceRestful.java | 5 +- .../restful/api/QueryRestfulApi.java | 8 +- .../restful/api/BMLFsRestfulApi.java | 9 ++- .../filesystem/restful/api/FsRestfulApi.java | 39 +++++----- .../filesystem/validator/PathValidator.scala | 5 +- .../org/apache/linkis/udf/api/UDFApi.java | 73 ++++++++++--------- .../restful/api/VariableRestfulApi.java | 6 +- 24 files changed, 154 insertions(+), 138 deletions(-) diff --git a/linkis-commons/linkis-module/src/main/java/org/apache/linkis/server/utils/ModuleUserUtils.java b/linkis-commons/linkis-module/src/main/java/org/apache/linkis/server/utils/ModuleUserUtils.java index 874db6b6fd..198cbb9f48 100644 --- a/linkis-commons/linkis-module/src/main/java/org/apache/linkis/server/utils/ModuleUserUtils.java +++ b/linkis-commons/linkis-module/src/main/java/org/apache/linkis/server/utils/ModuleUserUtils.java @@ -22,7 +22,7 @@ public class ModuleUserUtils { * @param httpServletRequest * @return */ - public ProxyUserEntity getProxyUserEntity(HttpServletRequest httpServletRequest) { + public static ProxyUserEntity getProxyUserEntity(HttpServletRequest httpServletRequest) { String loginUser = SecurityFilter.getLoginUsername(httpServletRequest); Option proxyUserUsername = ProxyUserSSOUtils.getProxyUserUsername(httpServletRequest); @@ -41,7 +41,8 @@ public ProxyUserEntity getProxyUserEntity(HttpServletRequest httpServletRequest) * @param msg * @return */ - public ProxyUserEntity getProxyUserEntity(HttpServletRequest httpServletRequest, String msg) { + public static ProxyUserEntity getProxyUserEntity( + HttpServletRequest httpServletRequest, String msg) { ProxyUserEntity proxyUserEntity = getProxyUserEntity(httpServletRequest); LOGGER.info( "user {} proxy to {} operation {}", @@ -51,7 +52,7 @@ public ProxyUserEntity getProxyUserEntity(HttpServletRequest httpServletRequest, return proxyUserEntity; } - public String getOperationUser(HttpServletRequest httpServletRequest) { + public static String getOperationUser(HttpServletRequest httpServletRequest) { ProxyUserEntity proxyUserEntity = getProxyUserEntity(httpServletRequest); if (proxyUserEntity.isProxyMode()) { return proxyUserEntity.getProxyUser(); @@ -67,7 +68,7 @@ public String getOperationUser(HttpServletRequest httpServletRequest) { * @param msg * @return */ - public String getOperationUser(HttpServletRequest httpServletRequest, String msg) { + public static String getOperationUser(HttpServletRequest httpServletRequest, String msg) { ProxyUserEntity proxyUserEntity = getProxyUserEntity(httpServletRequest, msg); if (proxyUserEntity.isProxyMode()) { return proxyUserEntity.getProxyUser(); diff --git a/linkis-commons/linkis-storage/src/main/java/org/apache/linkis/storage/fs/impl/LocalFileSystem.java b/linkis-commons/linkis-storage/src/main/java/org/apache/linkis/storage/fs/impl/LocalFileSystem.java index b026648cd0..edee4eb332 100644 --- a/linkis-commons/linkis-storage/src/main/java/org/apache/linkis/storage/fs/impl/LocalFileSystem.java +++ b/linkis-commons/linkis-storage/src/main/java/org/apache/linkis/storage/fs/impl/LocalFileSystem.java @@ -180,7 +180,6 @@ public boolean canMkdir(FsPath destParentDir) throws IOException { } return true; } - } @Override diff --git a/linkis-computation-governance/linkis-entrance/src/main/java/org/apache/linkis/entrance/restful/EntranceRestfulApi.java b/linkis-computation-governance/linkis-entrance/src/main/java/org/apache/linkis/entrance/restful/EntranceRestfulApi.java index d25a69356f..c7760da45c 100644 --- a/linkis-computation-governance/linkis-entrance/src/main/java/org/apache/linkis/entrance/restful/EntranceRestfulApi.java +++ b/linkis-computation-governance/linkis-entrance/src/main/java/org/apache/linkis/entrance/restful/EntranceRestfulApi.java @@ -37,6 +37,7 @@ import org.apache.linkis.scheduler.queue.SchedulerEventState; import org.apache.linkis.server.Message; import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.apache.commons.io.IOUtils; import org.apache.commons.lang.StringUtils; @@ -76,7 +77,8 @@ public void setEntranceServer(EntranceServer entranceServer) { public Message execute(HttpServletRequest req, @RequestBody Map json) { Message message = null; logger.info("Begin to get an execID"); - json.put(TaskConstant.UMUSER, SecurityFilter.getLoginUsername(req)); + json.put(TaskConstant.EXECUTE_USER, ModuleUserUtils.getOperationUser(req)); + json.put(TaskConstant.SUBMIT_USER, SecurityFilter.getLoginUsername(req)); HashMap map = (HashMap) json.get(TaskConstant.SOURCE); if (map == null) { map = new HashMap<>(); @@ -88,6 +90,7 @@ public Message execute(HttpServletRequest req, @RequestBody Map Job job = entranceServer.getJob(jobId).get(); JobRequest jobReq = ((EntranceJob) job).getJobRequest(); Long jobReqId = jobReq.getId(); + ModuleUserUtils.getOperationUser(req, "execute task,id: " + jobReqId); pushLog( LogUtils.generateInfo( "You have submitted a new job, script code (after variable substitution) is"), @@ -126,6 +129,7 @@ public Message execute(HttpServletRequest req, @RequestBody Map public Message submit(HttpServletRequest req, @RequestBody Map json) { Message message = null; logger.info("Begin to get an execID"); + json.put(TaskConstant.EXECUTE_USER, ModuleUserUtils.getOperationUser(req)); json.put(TaskConstant.SUBMIT_USER, SecurityFilter.getLoginUsername(req)); HashMap map = (HashMap) json.get(TaskConstant.SOURCE); if (map == null) { diff --git a/linkis-computation-governance/linkis-entrance/src/main/scala/org/apache/linkis/entrance/EntranceWebSocketService.scala b/linkis-computation-governance/linkis-entrance/src/main/scala/org/apache/linkis/entrance/EntranceWebSocketService.scala index 7b448915e9..64fc28ff21 100644 --- a/linkis-computation-governance/linkis-entrance/src/main/scala/org/apache/linkis/entrance/EntranceWebSocketService.scala +++ b/linkis-computation-governance/linkis-entrance/src/main/scala/org/apache/linkis/entrance/EntranceWebSocketService.scala @@ -120,7 +120,7 @@ class EntranceWebSocketService extends ServerEventService with EntranceEventList def dealExecute(event:ServerEvent):Message = { val params = event.getData.map{case (k, v) => k -> v.asInstanceOf[Any]} //TODO Convert to a suitable Map(转换成合适的Map) val websocketTag = event.getWebsocketTag - params.put(TaskConstant.UMUSER, event.getUser) + params.put(TaskConstant.EXECUTE_USER, event.getUser) val jobId = entranceServer.execute(params) jobIdToEventId synchronized jobIdToEventId.put(jobId, event.getId) websocketTagJobID synchronized websocketTagJobID.put(jobId, websocketTag) diff --git a/linkis-computation-governance/linkis-entrance/src/main/scala/org/apache/linkis/entrance/interceptor/impl/LabelCheckInterceptor.scala b/linkis-computation-governance/linkis-entrance/src/main/scala/org/apache/linkis/entrance/interceptor/impl/LabelCheckInterceptor.scala index cb80d16bfc..115fb83364 100644 --- a/linkis-computation-governance/linkis-entrance/src/main/scala/org/apache/linkis/entrance/interceptor/impl/LabelCheckInterceptor.scala +++ b/linkis-computation-governance/linkis-entrance/src/main/scala/org/apache/linkis/entrance/interceptor/impl/LabelCheckInterceptor.scala @@ -70,12 +70,7 @@ class LabelCheckInterceptor extends EntranceInterceptor { if (userCreatorLabelOption.isDefined) { val userCreator = userCreatorLabelOption.get.asInstanceOf[UserCreatorLabel] if (StringUtils.isNotBlank(userCreator.getUser)) { - val userInLabel = userCreator.getUser - if (userInLabel.equalsIgnoreCase(executeUser) && userInLabel.equalsIgnoreCase(submitUser)) { return - } else { - throw LabelCheckException(50080, s"SubmitUser : ${submitUser} must be the same as ExecuteUser : ${executeUser} , and user : ${userInLabel} in userCreatorLabel.") - } } } throw LabelCheckException(50079, "UserCreatorLabel must be need") diff --git a/linkis-computation-governance/linkis-entrance/src/main/scala/org/apache/linkis/entrance/parser/CommonEntranceParser.scala b/linkis-computation-governance/linkis-entrance/src/main/scala/org/apache/linkis/entrance/parser/CommonEntranceParser.scala index 56a1bee9eb..1cfb3227bb 100644 --- a/linkis-computation-governance/linkis-entrance/src/main/scala/org/apache/linkis/entrance/parser/CommonEntranceParser.scala +++ b/linkis-computation-governance/linkis-entrance/src/main/scala/org/apache/linkis/entrance/parser/CommonEntranceParser.scala @@ -155,13 +155,13 @@ class CommonEntranceParser(val persistenceManager: PersistenceManager) extends A val jobReq = new JobRequest jobReq.setCreatedTime(new Date(System.currentTimeMillis)) - val umUser = params.get(TaskConstant.UMUSER).asInstanceOf[String] + val umUser = params.get(TaskConstant.EXECUTE_USER).asInstanceOf[String] val submitUser = params.get(TaskConstant.SUBMIT_USER).asInstanceOf[String] jobReq.setSubmitUser(submitUser) if (StringUtils.isBlank(submitUser)) { jobReq.setSubmitUser(umUser) } - if (umUser == null) throw new EntranceIllegalParamException(20005, "umUser can not be null") + if (umUser == null) throw new EntranceIllegalParamException(20005, "execute user can not be null") jobReq.setExecuteUser(umUser) var executionCode = params.get(TaskConstant.EXECUTIONCODE).asInstanceOf[String] val _params = params.get(TaskConstant.PARAMS) diff --git a/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EMRestfulApi.java b/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EMRestfulApi.java index cbf9329ffd..077177c671 100644 --- a/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EMRestfulApi.java +++ b/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EMRestfulApi.java @@ -43,7 +43,7 @@ import org.apache.linkis.manager.label.exception.LabelErrorException; import org.apache.linkis.manager.label.service.NodeLabelService; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang.ArrayUtils; @@ -106,7 +106,7 @@ public Message listAllEMs( @RequestParam(value = "nodeHealthy", required = false) String nodeHealthy, @RequestParam(value = "owner", required = false) String owner) throws AMErrorException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "listAllEMs"); checkAdmin(userName); EMNode[] allEM = emInfoService.getAllEM(); ArrayList allEMVo = AMUtils.copyToEMVo(allEM); @@ -172,7 +172,7 @@ public Message listAllNodeHealthyStatus( @Transactional(rollbackFor = Exception.class) public Message modifyEMInfo(HttpServletRequest req, @RequestBody JsonNode jsonNode) throws AMErrorException, LabelErrorException { - String username = SecurityFilter.getLoginUsername(req); + String username = ModuleUserUtils.getOperationUser(req, "modifyEMInfo"); checkAdmin(username); String applicationName = jsonNode.get("applicationName").asText(); String instance = jsonNode.get("instance").asText(); @@ -232,8 +232,9 @@ public Message modifyEMInfo(HttpServletRequest req, @RequestBody JsonNode jsonNo @RequestMapping(path = "/executeECMOperationByEC", method = RequestMethod.POST) public Message executeECMOperationByEC(HttpServletRequest req, @RequestBody JsonNode jsonNode) throws AMErrorException { - String userName = SecurityFilter.getLoginUsername(req); + ServiceInstance serviceInstance = EngineRestfulApi.getServiceInstance(jsonNode); + String userName = ModuleUserUtils.getOperationUser(req, "executeECMOperationByEC"); logger.info( "User {} try to execute ECM Operation by EngineConn {}.", userName, @@ -268,7 +269,7 @@ public Message executeECMOperationByEC(HttpServletRequest req, @RequestBody Json @RequestMapping(path = "/executeECMOperation", method = RequestMethod.POST) public Message executeECMOperation(HttpServletRequest req, @RequestBody JsonNode jsonNode) throws AMErrorException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "executeECMOperation"); ServiceInstance serviceInstance = EngineRestfulApi.getServiceInstance(jsonNode); logger.info("User {} try to execute ECM Operation with {}.", userName, serviceInstance); EMNode ecmNode = this.emInfoService.getEM(serviceInstance); @@ -294,7 +295,7 @@ public Message executeECMOperation(HttpServletRequest req, @RequestBody JsonNode @RequestMapping(path = "/openEngineLog", method = RequestMethod.POST) public Message openEngineLog(HttpServletRequest req, @RequestBody JsonNode jsonNode) throws AMErrorException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "openEngineLog"); EMNode ecmNode; Map parameters; try { diff --git a/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EngineRestfulApi.java b/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EngineRestfulApi.java index 9df0124f5b..f83ba6157c 100644 --- a/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EngineRestfulApi.java +++ b/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EngineRestfulApi.java @@ -43,7 +43,7 @@ import org.apache.linkis.manager.label.service.NodeLabelService; import org.apache.linkis.rpc.Sender; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang.StringUtils; @@ -90,7 +90,7 @@ public class EngineRestfulApi { @RequestMapping(path = "/createEngineConn", method = RequestMethod.POST) public Message createEngineConn(HttpServletRequest req, @RequestBody JsonNode jsonNode) throws IOException, InterruptedException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "createEngineConn"); EngineCreateRequest engineCreateRequest = objectMapper.treeToValue(jsonNode, EngineCreateRequest.class); engineCreateRequest.setUser(userName); @@ -135,7 +135,7 @@ public Message createEngineConn(HttpServletRequest req, @RequestBody JsonNode js @RequestMapping(path = "/getEngineConn", method = RequestMethod.POST) public Message getEngineConn(HttpServletRequest req, @RequestBody JsonNode jsonNode) throws AMErrorException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "getEngineConn"); ServiceInstance serviceInstance = getServiceInstance(jsonNode); EngineNode engineNode = engineCreateService.getEngineNode(serviceInstance); if (!userName.equals(engineNode.getOwner()) && !isAdmin(userName)) { @@ -147,8 +147,10 @@ public Message getEngineConn(HttpServletRequest req, @RequestBody JsonNode jsonN @RequestMapping(path = "/killEngineConn", method = RequestMethod.POST) public Message killEngineConn(HttpServletRequest req, @RequestBody JsonNode jsonNode) throws Exception { - String userName = SecurityFilter.getLoginUsername(req); + ServiceInstance serviceInstance = getServiceInstance(jsonNode); + String userName = + ModuleUserUtils.getOperationUser(req, "killEngineConn:" + serviceInstance); logger.info("User {} try to kill engineConn {}.", userName, serviceInstance); EngineNode engineNode = engineCreateService.getEngineNode(serviceInstance); if (!userName.equals(engineNode.getOwner()) && !isAdmin(userName)) { @@ -164,7 +166,7 @@ public Message killEngineConn(HttpServletRequest req, @RequestBody JsonNode json @RequestMapping(path = "/rm/enginekill", method = RequestMethod.POST) public Message killEngine(HttpServletRequest req, @RequestBody Map[] param) throws Exception { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "enginekill"); Sender sender = Sender.getSender(Sender.getThisServiceInstance()); for (Map engineParam : param) { String moduleName = engineParam.get("applicationName"); @@ -180,7 +182,7 @@ public Message killEngine(HttpServletRequest req, @RequestBody Map engineNodes = engineInfoService.listUserEngines(userName); return Message.ok().data("engines", engineNodes); } @@ -188,7 +190,7 @@ public Message listUserEngines(HttpServletRequest req) { @RequestMapping(path = "/listEMEngines", method = RequestMethod.POST) public Message listEMEngines(HttpServletRequest req, @RequestBody JsonNode jsonNode) throws IOException, AMErrorException { - String username = SecurityFilter.getLoginUsername(req); + String username = ModuleUserUtils.getOperationUser(req, "listEMEngines"); if (!isAdmin(username)) { throw new AMErrorException( 210003, "Only admin can search engine information(只有管理员才能查询所有引擎信息)."); @@ -265,7 +267,7 @@ public Message listEMEngines(HttpServletRequest req, @RequestBody JsonNode jsonN @RequestMapping(path = "/modifyEngineInfo", method = RequestMethod.PUT) public Message modifyEngineInfo(HttpServletRequest req, @RequestBody JsonNode jsonNode) throws AMErrorException, LabelErrorException { - String username = SecurityFilter.getLoginUsername(req); + String username = ModuleUserUtils.getOperationUser(req, "modifyEngineInfo"); if (!isAdmin(username)) { throw new AMErrorException( 210003, "Only admin can modify engineConn information(只有管理员才能修改引擎信息)."); @@ -309,7 +311,7 @@ public Message listAllNodeHealthyStatus( @RequestMapping(path = "/executeEngineConnOperation", method = RequestMethod.POST) public Message executeEngineConnOperation( HttpServletRequest req, @RequestBody JsonNode jsonNode) throws Exception { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "executeEngineConnOperation"); ServiceInstance serviceInstance = getServiceInstance(jsonNode); logger.info("User {} try to execute Engine Operation {}.", userName, serviceInstance); EngineNode engineNode = engineCreateService.getEngineNode(serviceInstance); diff --git a/linkis-computation-governance/linkis-manager/linkis-resource-manager/src/main/scala/org/apache/linkis/resourcemanager/restful/RMMonitorRest.scala b/linkis-computation-governance/linkis-manager/linkis-resource-manager/src/main/scala/org/apache/linkis/resourcemanager/restful/RMMonitorRest.scala index c5e959270b..98bf44285e 100644 --- a/linkis-computation-governance/linkis-manager/linkis-resource-manager/src/main/scala/org/apache/linkis/resourcemanager/restful/RMMonitorRest.scala +++ b/linkis-computation-governance/linkis-manager/linkis-resource-manager/src/main/scala/org/apache/linkis/resourcemanager/restful/RMMonitorRest.scala @@ -44,6 +44,7 @@ import org.apache.linkis.resourcemanager.service.impl.UserResourceService import org.apache.linkis.resourcemanager.service.{LabelResourceService, ResourceManager} import org.apache.linkis.resourcemanager.utils.{RMUtils, UserConfiguration} import org.apache.linkis.server.security.SecurityFilter +import org.apache.linkis.server.utils.ModuleUserUtils import org.apache.linkis.server.{BDPJettyServerHelper, Message} import org.json4s.DefaultFormats import org.json4s.jackson.Serialization.write @@ -108,7 +109,7 @@ class RMMonitorRest extends Logging { @RequestMapping(path = Array("applicationlist"), method = Array(RequestMethod.POST)) def getApplicationList(request: HttpServletRequest, @RequestBody param: util.Map[String, AnyRef]): Message = { val message = Message.ok("") - val userName = SecurityFilter.getLoginUsername(request) + val userName = ModuleUserUtils.getOperationUser(request, "applicationlist") val userCreator = param.get("userCreator").asInstanceOf[String] val engineType = if (param.get("engineType") == null) null else param.get("engineType").asInstanceOf[String] val nodes = getEngineNodes(userName, true) @@ -228,7 +229,7 @@ class RMMonitorRest extends Logging { @RequestMapping(path = Array("userresources"), method = Array(RequestMethod.POST)) def getUserResource(request: HttpServletRequest, @RequestBody(required = false) param: util.Map[String, AnyRef]): Message = { val message = Message.ok("") - val userName = SecurityFilter.getLoginUsername(request) + val userName = ModuleUserUtils.getOperationUser(request, "get userresources") var nodes = getEngineNodes(userName, true) if (nodes == null) { nodes = new Array[EngineNode](0) @@ -336,7 +337,7 @@ class RMMonitorRest extends Logging { @RequestMapping(path = Array("engines"), method = Array(RequestMethod.POST)) def getEngines(request: HttpServletRequest, @RequestBody(required = false) param: util.Map[String, AnyRef]): Message = { val message = Message.ok("") - val userName = SecurityFilter.getLoginUsername(request) + val userName = ModuleUserUtils.getOperationUser(request, "get engines") val nodes = getEngineNodes(userName, true) if(nodes == null || nodes.isEmpty) return message val engines = ArrayBuffer[mutable.HashMap[String, Any]]() @@ -455,7 +456,7 @@ class RMMonitorRest extends Logging { @RequestMapping(path = Array("queues"), method = Array(RequestMethod.POST)) def getQueues(request: HttpServletRequest, @RequestBody(required = false) param: util.Map[String, AnyRef]): Message = { val message = Message.ok() - val userName = SecurityFilter.getLoginUsername(request) + val userName = ModuleUserUtils.getOperationUser(request, "get queues") val clusters = new mutable.ArrayBuffer[Any]() val clusterInfo = new mutable.HashMap[String, Any]() val queues = new mutable.LinkedHashSet[String]() diff --git a/linkis-public-enhancements/linkis-bml/linkis-bml-server/src/main/java/org/apache/linkis/bml/restful/BmlProjectRestful.java b/linkis-public-enhancements/linkis-bml/linkis-bml-server/src/main/java/org/apache/linkis/bml/restful/BmlProjectRestful.java index abf061f77d..d63437052e 100644 --- a/linkis-public-enhancements/linkis-bml/linkis-bml-server/src/main/java/org/apache/linkis/bml/restful/BmlProjectRestful.java +++ b/linkis-public-enhancements/linkis-bml/linkis-bml-server/src/main/java/org/apache/linkis/bml/restful/BmlProjectRestful.java @@ -26,7 +26,7 @@ import org.apache.linkis.bml.util.HttpRequestHelper; import org.apache.linkis.common.exception.ErrorException; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.apache.commons.io.IOUtils; import org.apache.commons.lang.StringUtils; @@ -75,8 +75,10 @@ public class BmlProjectRestful { @RequestMapping(path = "createBmlProject", method = RequestMethod.POST) public Message createBmlProject(HttpServletRequest request, @RequestBody JsonNode jsonNode) { - String username = SecurityFilter.getLoginUsername(request); + String projectName = jsonNode.get(PROJECT_NAME_STR).textValue(); + String username = + ModuleUserUtils.getOperationUser(request, "createBmlProject" + projectName); LOGGER.info("{} begins to create a project {} in bml", username, projectName); JsonNode editUserNode = jsonNode.get(EDIT_USERS_STR); JsonNode accessUserNode = jsonNode.get(ACCESS_USERS_STR); @@ -109,7 +111,7 @@ public Message uploadShareResource( @RequestParam(name = "projectName") String projectName, @RequestParam(name = "file") List files) throws ErrorException { - String username = SecurityFilter.getLoginUsername(request); + String username = ModuleUserUtils.getOperationUser(request, "uploadShareResource"); Message message; try { LOGGER.info( @@ -174,7 +176,8 @@ public Message updateShareResource( @RequestParam("resourceId") String resourceId, @RequestParam("file") MultipartFile file) throws ErrorException { - String username = SecurityFilter.getLoginUsername(request); + String username = + ModuleUserUtils.getOperationUser(request, "updateShareResource:" + resourceId); if (StringUtils.isEmpty(resourceId) || !resourceService.checkResourceId(resourceId)) { LOGGER.error("the error resourceId is {} ", resourceId); throw new BmlServerParaErrorException( @@ -386,7 +389,7 @@ public Message getProjectInfo( @RequestMapping(path = "attachResourceAndProject", method = RequestMethod.POST) public Message attachResourceAndProject( HttpServletRequest request, @RequestBody JsonNode jsonNode) throws ErrorException { - String username = SecurityFilter.getLoginUsername(request); + String username = ModuleUserUtils.getOperationUser(request, "attachResourceAndProject"); String projectName = jsonNode.get(PROJECT_NAME_STR).textValue(); String resourceId = jsonNode.get("resourceId").textValue(); LOGGER.info("begin to attach {} and {}", projectName, username); @@ -397,7 +400,7 @@ public Message attachResourceAndProject( @RequestMapping(path = "updateProjectUsers", method = RequestMethod.POST) public Message updateProjectUsers(HttpServletRequest request, @RequestBody JsonNode jsonNode) throws ErrorException { - String username = SecurityFilter.getLoginUsername(request); + String username = ModuleUserUtils.getOperationUser(request, "updateProjectUsers"); String projectName = jsonNode.get("projectName").textValue(); LOGGER.info("{} begins to update project users for {}", username, projectName); List editUsers = new ArrayList<>(); diff --git a/linkis-public-enhancements/linkis-bml/linkis-bml-server/src/main/java/org/apache/linkis/bml/restful/BmlRestfulApi.java b/linkis-public-enhancements/linkis-bml/linkis-bml-server/src/main/java/org/apache/linkis/bml/restful/BmlRestfulApi.java index f734a5f0b5..053724567c 100644 --- a/linkis-public-enhancements/linkis-bml/linkis-bml-server/src/main/java/org/apache/linkis/bml/restful/BmlRestfulApi.java +++ b/linkis-public-enhancements/linkis-bml/linkis-bml-server/src/main/java/org/apache/linkis/bml/restful/BmlRestfulApi.java @@ -36,7 +36,7 @@ import org.apache.linkis.bml.vo.ResourceVersionsVO; import org.apache.linkis.common.exception.ErrorException; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.apache.commons.io.IOUtils; import org.apache.commons.lang.StringUtils; @@ -828,7 +828,6 @@ public Message getResourceInfo( @RequestMapping(path = "changeOwner", method = RequestMethod.POST) public Message changeOwnerByResourceId( HttpServletRequest request, @RequestBody JsonNode jsonNode) throws ErrorException { - String username = SecurityFilter.getLoginUsername(request); String resourceId = jsonNode.get("resourceId").textValue(); String oldOwner = jsonNode.get("oldOwner").textValue(); String newOwner = jsonNode.get("newOwner").textValue(); @@ -839,7 +838,7 @@ public Message changeOwnerByResourceId( @RequestMapping(path = "copyResourceToAnotherUser", method = RequestMethod.POST) public Message copyResourceToAnotherUser( HttpServletRequest request, @RequestBody JsonNode jsonNode) { - String username = SecurityFilter.getLoginUsername(request); + String username = ModuleUserUtils.getOperationUser(request, "copyResourceToAnotherUser"); String resourceId = jsonNode.get("resourceId").textValue(); String anotherUser = jsonNode.get("anotherUser").textValue(); Message message = null; @@ -867,7 +866,7 @@ public Message copyResourceToAnotherUser( @RequestMapping(path = "rollbackVersion", method = RequestMethod.POST) public Message rollbackVersion(HttpServletRequest request, @RequestBody JsonNode jsonNode) { - String username = SecurityFilter.getLoginUsername(request); + String username = ModuleUserUtils.getOperationUser(request, "rollbackVersion"); String resourceId = jsonNode.get("resourceId").textValue(); String rollbackVersion = jsonNode.get("version").textValue(); Message message = null; diff --git a/linkis-public-enhancements/linkis-bml/linkis-bml-server/src/main/java/org/apache/linkis/bml/restful/RestfulUtils.java b/linkis-public-enhancements/linkis-bml/linkis-bml-server/src/main/java/org/apache/linkis/bml/restful/RestfulUtils.java index 3f4a4160f5..c55779ff2c 100644 --- a/linkis-public-enhancements/linkis-bml/linkis-bml-server/src/main/java/org/apache/linkis/bml/restful/RestfulUtils.java +++ b/linkis-public-enhancements/linkis-bml/linkis-bml-server/src/main/java/org/apache/linkis/bml/restful/RestfulUtils.java @@ -20,7 +20,7 @@ import org.apache.linkis.bml.common.BmlAuthorityException; import org.apache.linkis.bml.common.Constant; import org.apache.linkis.bml.service.ResourceService; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import javax.servlet.http.HttpServletRequest; @@ -39,7 +39,7 @@ public class RestfulUtils { public static String getUserName(HttpServletRequest request) throws BmlAuthorityException { String user; try { - user = SecurityFilter.getLoginUsername(request); + user = ModuleUserUtils.getOperationUser(request); } catch (final Exception e) { throw new BmlAuthorityException(); } diff --git a/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/main/java/org/apache/linkis/cs/server/restful/CsRestfulParent.java b/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/main/java/org/apache/linkis/cs/server/restful/CsRestfulParent.java index d1c73fb62c..22e5015dd8 100644 --- a/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/main/java/org/apache/linkis/cs/server/restful/CsRestfulParent.java +++ b/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/main/java/org/apache/linkis/cs/server/restful/CsRestfulParent.java @@ -33,7 +33,7 @@ import org.apache.linkis.cs.server.scheduler.RestJobBuilder; import org.apache.linkis.cs.server.util.CsUtils; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import javax.servlet.http.HttpServletRequest; @@ -51,7 +51,7 @@ default HttpAnswerJob submitRestJob( // TODO: 2020/3/3 单例 HttpAnswerJob job = (HttpAnswerJob) new RestJobBuilder().build(getServiceType()); HttpRequestProtocol protocol = job.getRequestProtocol(); - protocol.setUsername(SecurityFilter.getLoginUsername(req)); + protocol.setUsername(ModuleUserUtils.getOperationUser(req)); protocol.setServiceMethod(method); protocol.setRequestObjects(objects); getScheduler().submit(job); diff --git a/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/test/java/org/apache/linkis/cs/server/CsRestfulParent.java b/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/test/java/org/apache/linkis/cs/server/CsRestfulParent.java index 4faa790b06..8f34b6a3df 100644 --- a/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/test/java/org/apache/linkis/cs/server/CsRestfulParent.java +++ b/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/test/java/org/apache/linkis/cs/server/CsRestfulParent.java @@ -26,7 +26,7 @@ import org.apache.linkis.cs.server.scheduler.HttpAnswerJob; import org.apache.linkis.cs.server.scheduler.RestJobBuilder; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import javax.servlet.http.HttpServletRequest; @@ -37,7 +37,7 @@ default HttpAnswerJob submitRestJob( throws InterruptedException { HttpAnswerJob job = (HttpAnswerJob) new RestJobBuilder().build(getServiceType()); HttpRequestProtocol protocol = job.getRequestProtocol(); - protocol.setUsername(SecurityFilter.getLoginUsername(req)); + protocol.setUsername(ModuleUserUtils.getOperationUser(req)); protocol.setServiceMethod(method); protocol.setRequestObjects(objects); getScheduler().submit(job); diff --git a/linkis-public-enhancements/linkis-datasource/linkis-metadata/src/main/java/org/apache/linkis/metadata/restful/api/DataSourceRestfulApi.java b/linkis-public-enhancements/linkis-datasource/linkis-metadata/src/main/java/org/apache/linkis/metadata/restful/api/DataSourceRestfulApi.java index c5f1e040ad..2b0fc991ec 100644 --- a/linkis-public-enhancements/linkis-datasource/linkis-metadata/src/main/java/org/apache/linkis/metadata/restful/api/DataSourceRestfulApi.java +++ b/linkis-public-enhancements/linkis-datasource/linkis-metadata/src/main/java/org/apache/linkis/metadata/restful/api/DataSourceRestfulApi.java @@ -20,7 +20,7 @@ import org.apache.linkis.metadata.restful.remote.DataSourceRestfulRemote; import org.apache.linkis.metadata.service.DataSourceService; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; @@ -46,7 +46,7 @@ public class DataSourceRestfulApi implements DataSourceRestfulRemote { @Override @RequestMapping(path = "dbs", method = RequestMethod.GET) public Message queryDatabaseInfo(HttpServletRequest req) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "get dbs"); try { JsonNode dbs = dataSourceService.getDbs(userName); return Message.ok("").data("dbs", dbs); @@ -59,7 +59,7 @@ public Message queryDatabaseInfo(HttpServletRequest req) { @Override @RequestMapping(path = "all", method = RequestMethod.GET) public Message queryDbsWithTables(HttpServletRequest req) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "get all db and tables"); try { JsonNode dbs = dataSourceService.getDbsWithTables(userName); return Message.ok("").data("dbs", dbs); @@ -74,7 +74,7 @@ public Message queryDbsWithTables(HttpServletRequest req) { public Message queryTables( @RequestParam(value = "database", required = false) String database, HttpServletRequest req) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "get tables"); try { JsonNode tables = dataSourceService.queryTables(database, userName); return Message.ok("").data("tables", tables); @@ -90,7 +90,7 @@ public Message queryTableMeta( @RequestParam(value = "database", required = false) String database, @RequestParam(value = "table", required = false) String table, HttpServletRequest req) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "get columns of table " + table); try { JsonNode columns = dataSourceService.queryTableMeta(database, table, userName); return Message.ok("").data("columns", columns); @@ -107,7 +107,7 @@ public Message sizeOf( @RequestParam(value = "table", required = false) String table, @RequestParam(value = "partition", required = false) String partition, HttpServletRequest req) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "get size "); try { JsonNode sizeNode; if (StringUtils.isBlank(partition)) { @@ -128,7 +128,7 @@ public Message partitions( @RequestParam(value = "database", required = false) String database, @RequestParam(value = "table", required = false) String table, HttpServletRequest req) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "get partitions of " + table); try { JsonNode partitionNode = dataSourceService.getPartitions(database, table, userName); return Message.ok("").data("partitionInfo", partitionNode); diff --git a/linkis-public-enhancements/linkis-datasource/linkis-metadata/src/main/java/org/apache/linkis/metadata/restful/api/MdqTableRestfulApi.java b/linkis-public-enhancements/linkis-datasource/linkis-metadata/src/main/java/org/apache/linkis/metadata/restful/api/MdqTableRestfulApi.java index f7d1f67c12..f2abdd6a6e 100644 --- a/linkis-public-enhancements/linkis-datasource/linkis-metadata/src/main/java/org/apache/linkis/metadata/restful/api/MdqTableRestfulApi.java +++ b/linkis-public-enhancements/linkis-datasource/linkis-metadata/src/main/java/org/apache/linkis/metadata/restful/api/MdqTableRestfulApi.java @@ -28,7 +28,7 @@ import org.apache.linkis.metadata.exception.MdqIllegalParamException; import org.apache.linkis.metadata.service.MdqService; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.RequestBody; @@ -66,7 +66,7 @@ public Message getTableBaseInfo( @RequestParam(value = "database", required = false) String database, @RequestParam(value = "tableName", required = false) String tableName, HttpServletRequest req) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "getTableBaseInfo " + tableName); MdqTableBaseInfoVO tableBaseInfo; if (mdqService.isExistInMdq(database, tableName, userName)) { tableBaseInfo = mdqService.getTableBaseInfoFromMdq(database, tableName, userName); @@ -81,7 +81,7 @@ public Message getTableFieldsInfo( @RequestParam(value = "database", required = false) String database, @RequestParam(value = "tableName", required = false) String tableName, HttpServletRequest req) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "getTableFieldsInfo " + tableName); List tableFieldsInfo; if (mdqService.isExistInMdq(database, tableName, userName)) { tableFieldsInfo = mdqService.getTableFieldsInfoFromMdq(database, tableName, userName); @@ -100,7 +100,8 @@ public Message getTableStatisticInfo( @RequestParam(value = "partitionSort", defaultValue = "desc") String partitionSort, HttpServletRequest req) throws IOException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = + ModuleUserUtils.getOperationUser(req, "getTableStatisticInfo " + tableName); MdqTableStatisticInfoVO tableStatisticInfo = mdqService.getTableStatisticInfo(database, tableName, userName); int totalSize = 0; @@ -156,7 +157,8 @@ public Message getPartitionStatisticInfo( @RequestParam(value = "partitionPath", required = false) String partitionName, HttpServletRequest req) throws IOException, MdqIllegalParamException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = + ModuleUserUtils.getOperationUser(req, "getPartitionStatisticInfo " + tableName); MdqTablePartitionStatisticInfoVO partition = mdqService.getPartitionStatisticInfo(database, tableName, userName, partitionName); return Message.ok().data("partitionStatisticInfo", partition); @@ -173,7 +175,7 @@ public Message active( @RequestMapping(path = "persistTable", method = RequestMethod.POST) public Message persistTable(HttpServletRequest req, @RequestBody JsonNode json) throws IOException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "persistTable "); MdqTableBO table = mapper.treeToValue(json.get("table"), MdqTableBO.class); mdqService.persistTable(table, userName); return Message.ok(); @@ -181,7 +183,7 @@ public Message persistTable(HttpServletRequest req, @RequestBody JsonNode json) @RequestMapping(path = "displaysql", method = RequestMethod.POST) public Message displaySql(HttpServletRequest request, @RequestBody JsonNode json) { - String userName = SecurityFilter.getLoginUsername(request); + String userName = ModuleUserUtils.getOperationUser(request, "displaysql "); logger.info("display sql for user {} ", userName); StringBuilder sb = new StringBuilder(); String retSql = ""; diff --git a/linkis-public-enhancements/linkis-publicservice/linkis-configuration/src/main/java/org/apache/linkis/configuration/restful/api/ConfigurationRestfulApi.java b/linkis-public-enhancements/linkis-publicservice/linkis-configuration/src/main/java/org/apache/linkis/configuration/restful/api/ConfigurationRestfulApi.java index afc6974d9b..2d2055cba6 100644 --- a/linkis-public-enhancements/linkis-publicservice/linkis-configuration/src/main/java/org/apache/linkis/configuration/restful/api/ConfigurationRestfulApi.java +++ b/linkis-public-enhancements/linkis-publicservice/linkis-configuration/src/main/java/org/apache/linkis/configuration/restful/api/ConfigurationRestfulApi.java @@ -30,7 +30,7 @@ import org.apache.linkis.manager.label.utils.LabelUtils; import org.apache.linkis.server.BDPJettyServerHelper; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.apache.commons.lang.StringUtils; @@ -74,7 +74,6 @@ public Message addKeyForEngine( @RequestParam(value = "token", required = false) String token, @RequestParam(value = "keyJson", required = false) String keyJson) throws ConfigurationException { - String username = SecurityFilter.getLoginUsername(req); if (StringUtils.isBlank(engineType) || StringUtils.isBlank(version) || StringUtils.isBlank(token)) { @@ -168,7 +167,7 @@ public Message getFullTreesByAppName( @RequestParam(value = "version", required = false) String version, @RequestParam(value = "creator", required = false) String creator) throws ConfigurationException { - String username = SecurityFilter.getLoginUsername(req); + String username = ModuleUserUtils.getOperationUser(req, "getFullTreesByAppName"); if (creator != null && (creator.equals("通用设置") || creator.equals("全局设置"))) { engineType = "*"; version = "*"; @@ -184,7 +183,6 @@ public Message getFullTreesByAppName( @RequestMapping(path = "/getCategory", method = RequestMethod.GET) public Message getCategory(HttpServletRequest req) { - String username = SecurityFilter.getLoginUsername(req); List categoryLabelList = categoryService.getAllCategory(); return Message.ok().data("Category", categoryLabelList); } @@ -192,7 +190,7 @@ public Message getCategory(HttpServletRequest req) { @RequestMapping(path = "/createFirstCategory", method = RequestMethod.POST) public Message createFirstCategory(HttpServletRequest request, @RequestBody JsonNode jsonNode) throws ConfigurationException { - String username = SecurityFilter.getLoginUsername(request); + String username = ModuleUserUtils.getOperationUser(request, "createFirstCategory"); checkAdmin(username); String categoryName = jsonNode.get("categoryName").asText(); String description = jsonNode.get("description").asText(); @@ -209,7 +207,7 @@ public Message createFirstCategory(HttpServletRequest request, @RequestBody Json @RequestMapping(path = "/deleteCategory", method = RequestMethod.POST) public Message deleteCategory(HttpServletRequest request, @RequestBody JsonNode jsonNode) throws ConfigurationException { - String username = SecurityFilter.getLoginUsername(request); + String username = ModuleUserUtils.getOperationUser(request, "deleteCategory"); checkAdmin(username); Integer categoryId = jsonNode.get("categoryId").asInt(); categoryService.deleteCategory(categoryId); @@ -219,7 +217,6 @@ public Message deleteCategory(HttpServletRequest request, @RequestBody JsonNode @RequestMapping(path = "/createSecondCategory", method = RequestMethod.POST) public Message createSecondCategory(HttpServletRequest request, @RequestBody JsonNode jsonNode) throws ConfigurationException { - String username = SecurityFilter.getLoginUsername(request); Integer categoryId = jsonNode.get("categoryId").asInt(); String engineType = jsonNode.get("engineType").asText(); String version = jsonNode.get("version").asText(); @@ -246,7 +243,7 @@ public Message saveFullTree(HttpServletRequest req, @RequestBody JsonNode json) if (creator != null && (creator.equals("通用设置") || creator.equals("全局设置"))) { creator = "*"; } - String username = SecurityFilter.getLoginUsername(req); + String username = ModuleUserUtils.getOperationUser(req, "saveFullTree"); ArrayList createList = new ArrayList<>(); ArrayList updateList = new ArrayList<>(); for (Object o : fullTrees) { @@ -285,7 +282,6 @@ public Message listAllEngineType(HttpServletRequest request) { @RequestMapping(path = "/updateCategoryInfo", method = RequestMethod.POST) public Message updateCategoryInfo(HttpServletRequest request, @RequestBody JsonNode jsonNode) throws ConfigurationException { - String username = SecurityFilter.getLoginUsername(request); String description = null; Integer categoryId = null; try { diff --git a/linkis-public-enhancements/linkis-publicservice/linkis-instance-label/linkis-instance-label-server/src/main/java/org/apache/linkis/instance/label/restful/InstanceRestful.java b/linkis-public-enhancements/linkis-publicservice/linkis-instance-label/linkis-instance-label-server/src/main/java/org/apache/linkis/instance/label/restful/InstanceRestful.java index e33b5ea7b8..2a42def5a6 100644 --- a/linkis-public-enhancements/linkis-publicservice/linkis-instance-label/linkis-instance-label-server/src/main/java/org/apache/linkis/instance/label/restful/InstanceRestful.java +++ b/linkis-public-enhancements/linkis-publicservice/linkis-instance-label/linkis-instance-label-server/src/main/java/org/apache/linkis/instance/label/restful/InstanceRestful.java @@ -29,7 +29,7 @@ import org.apache.linkis.manager.label.entity.UserModifiable; import org.apache.linkis.manager.label.utils.LabelUtils; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; @@ -60,7 +60,6 @@ public class InstanceRestful { @RequestMapping(path = "/allInstance", method = RequestMethod.GET) public Message listAllInstanceWithLabel(HttpServletRequest req) { - String username = SecurityFilter.getLoginUsername(req); logger.info("start to get all instance informations....."); List instances = insLabelService.listAllInstanceWithLabel(); insLabelService.markInstanceLabel(instances); @@ -72,7 +71,7 @@ public Message listAllInstanceWithLabel(HttpServletRequest req) { @RequestMapping(path = "/instanceLabel", method = RequestMethod.PUT) public Message upDateInstanceLabel(HttpServletRequest req, @RequestBody JsonNode jsonNode) throws Exception { - String username = SecurityFilter.getLoginUsername(req); + String username = ModuleUserUtils.getOperationUser(req); String[] adminArray = InstanceConfigration.GOVERNANCE_STATION_ADMIN().getValue().split(","); if (adminArray != null && !Arrays.asList(adminArray).contains(username)) { throw new Exception("only admin can modify instance label(只有管理员才能修改标签)"); diff --git a/linkis-public-enhancements/linkis-publicservice/linkis-jobhistory/src/main/java/org/apache/linkis/jobhistory/restful/api/QueryRestfulApi.java b/linkis-public-enhancements/linkis-publicservice/linkis-jobhistory/src/main/java/org/apache/linkis/jobhistory/restful/api/QueryRestfulApi.java index 0a4901c61f..b049d89664 100644 --- a/linkis-public-enhancements/linkis-publicservice/linkis-jobhistory/src/main/java/org/apache/linkis/jobhistory/restful/api/QueryRestfulApi.java +++ b/linkis-public-enhancements/linkis-publicservice/linkis-jobhistory/src/main/java/org/apache/linkis/jobhistory/restful/api/QueryRestfulApi.java @@ -27,7 +27,7 @@ import org.apache.linkis.jobhistory.util.QueryUtils; import org.apache.linkis.protocol.constants.TaskConstant; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.util.StringUtils; @@ -55,7 +55,7 @@ public class QueryRestfulApi { @RequestMapping(path = "/governanceStationAdmin", method = RequestMethod.GET) public Message governanceStationAdmin(HttpServletRequest req) { - String username = SecurityFilter.getLoginUsername(req); + String username = ModuleUserUtils.getOperationUser(req, "governanceStationAdmin"); String[] split = JobhistoryConfiguration.GOVERNANCE_STATION_ADMIN().getValue().split(","); boolean match = Arrays.stream(split).anyMatch(username::equalsIgnoreCase); return Message.ok().data("admin", match); @@ -63,7 +63,7 @@ public Message governanceStationAdmin(HttpServletRequest req) { @RequestMapping(path = "/{id}/get", method = RequestMethod.GET) public Message getTaskByID(HttpServletRequest req, @PathVariable("id") Long jobId) { - String username = SecurityFilter.getLoginUsername(req); + String username = ModuleUserUtils.getOperationUser(req, "get task " + jobId); if (QueryUtils.isJobHistoryAdmin(username) || !JobhistoryConfiguration.JOB_HISTORY_SAFE_TRIGGER()) { username = null; @@ -112,7 +112,7 @@ public Message list( @RequestParam(value = "proxyUser", required = false) String proxyUser, @RequestParam(value = "isAdminView", required = false) Boolean isAdminView) throws IOException, QueryException { - String username = SecurityFilter.getLoginUsername(req); + String username = ModuleUserUtils.getOperationUser(req, "list task "); if (StringUtils.isEmpty(status)) { status = null; } diff --git a/linkis-public-enhancements/linkis-publicservice/linkis-script-dev/linkis-storage-script-dev-server/src/main/java/org/apache/linkis/filesystem/restful/api/BMLFsRestfulApi.java b/linkis-public-enhancements/linkis-publicservice/linkis-script-dev/linkis-storage-script-dev-server/src/main/java/org/apache/linkis/filesystem/restful/api/BMLFsRestfulApi.java index a9f6a2cf50..57da63b994 100644 --- a/linkis-public-enhancements/linkis-publicservice/linkis-script-dev/linkis-storage-script-dev-server/src/main/java/org/apache/linkis/filesystem/restful/api/BMLFsRestfulApi.java +++ b/linkis-public-enhancements/linkis-publicservice/linkis-script-dev/linkis-storage-script-dev-server/src/main/java/org/apache/linkis/filesystem/restful/api/BMLFsRestfulApi.java @@ -22,7 +22,7 @@ import org.apache.linkis.filesystem.exception.WorkSpaceException; import org.apache.linkis.filesystem.exception.WorkspaceExceptionManager; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.apache.linkis.storage.script.*; import org.apache.linkis.storage.script.writer.StorageScriptFsWriter; import org.apache.linkis.storage.source.FileSource; @@ -59,7 +59,7 @@ public Message openScriptFromBML( @RequestParam(value = "projectName", required = false) String projectName, @RequestParam(value = "fileName", defaultValue = "test.sql") String fileName) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "openScriptFromBML"); Map query = bmlHelper.query(userName, resourceId, version); InputStream inputStream = (InputStream) query.get("stream"); try (FileSource fileSource = @@ -91,7 +91,7 @@ public Message openScriptFromProductBML( @RequestParam(value = "creator", required = false) String creator, @RequestParam(value = "fileName", defaultValue = "test.sql") String fileName) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "openScriptFromBML"); if (!StringUtils.isEmpty(creator)) { userName = creator; } @@ -123,13 +123,14 @@ public Message openScriptFromProductBML( @RequestMapping(path = "/saveScriptToBML", method = RequestMethod.POST) public Message saveScriptToBML(HttpServletRequest req, @RequestBody Map json) throws IOException { - String userName = SecurityFilter.getLoginUsername(req); + String scriptContent = (String) json.get("scriptContent"); Map params = (Map) json.get("metadata"); String fileName = (String) json.get("fileName"); String resourceId = (String) json.get("resourceId"); String creator = (String) json.get("creator"); String projectName = (String) json.get("projectName"); + String userName = ModuleUserUtils.getOperationUser(req, "saveScriptToBML" + fileName); ScriptFsWriter writer = StorageScriptFsWriter.getScriptFsWriter( new FsPath(fileName), Consts.UTF_8.toString(), null); diff --git a/linkis-public-enhancements/linkis-publicservice/linkis-script-dev/linkis-storage-script-dev-server/src/main/java/org/apache/linkis/filesystem/restful/api/FsRestfulApi.java b/linkis-public-enhancements/linkis-publicservice/linkis-script-dev/linkis-storage-script-dev-server/src/main/java/org/apache/linkis/filesystem/restful/api/FsRestfulApi.java index 0856250177..1138aa9088 100644 --- a/linkis-public-enhancements/linkis-publicservice/linkis-script-dev/linkis-storage-script-dev-server/src/main/java/org/apache/linkis/filesystem/restful/api/FsRestfulApi.java +++ b/linkis-public-enhancements/linkis-publicservice/linkis-script-dev/linkis-storage-script-dev-server/src/main/java/org/apache/linkis/filesystem/restful/api/FsRestfulApi.java @@ -28,7 +28,7 @@ import org.apache.linkis.filesystem.util.WorkspaceUtil; import org.apache.linkis.filesystem.validator.PathValidator$; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.apache.linkis.storage.csv.CSVFsWriter; import org.apache.linkis.storage.domain.FsPathListWithError; import org.apache.linkis.storage.excel.ExcelFsWriter; @@ -113,7 +113,7 @@ public Message getUserRootPath( HttpServletRequest req, @RequestParam(value = "pathType", required = false) String pathType) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "getUserRootPath"); String hdfsUserRootPathPrefix = WorkspaceUtil.suffixTuning(HDFS_USER_ROOT_PATH_PREFIX.getValue()); String hdfsUserRootPathSuffix = HDFS_USER_ROOT_PATH_SUFFIX.getValue(); @@ -138,8 +138,9 @@ public Message getUserRootPath( @RequestMapping(path = "/createNewDir", method = RequestMethod.POST) public Message createNewDir(HttpServletRequest req, @RequestBody JsonNode json) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); + String path = json.get("path").textValue(); + String userName = ModuleUserUtils.getOperationUser(req, "createNewDir " + path); if (StringUtils.isEmpty(path)) { throw WorkspaceExceptionManager.createException(80004, path); } @@ -159,8 +160,8 @@ public Message createNewDir(HttpServletRequest req, @RequestBody JsonNode json) @RequestMapping(path = "/createNewFile", method = RequestMethod.POST) public Message createNewFile(HttpServletRequest req, @RequestBody JsonNode json) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); String path = json.get("path").textValue(); + String userName = ModuleUserUtils.getOperationUser(req, "createNewFile " + path); if (StringUtils.isEmpty(path)) { throw WorkspaceExceptionManager.createException(80004, path); } @@ -182,7 +183,7 @@ public Message rename(HttpServletRequest req, @RequestBody JsonNode json) throws IOException, WorkSpaceException { String oldDest = json.get("oldDest").textValue(); String newDest = json.get("newDest").textValue(); - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "rename " + newDest); if (FILESYSTEM_PATH_CHECK_TRIGGER.getValue()) { LOGGER.info( String.format( @@ -218,10 +219,11 @@ public Message upload( @RequestParam("path") String path, @RequestParam("file") List files) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); + if (StringUtils.isEmpty(path)) { throw WorkspaceExceptionManager.createException(80004, path); } + String userName = ModuleUserUtils.getOperationUser(req, "upload " + path); if (!checkIsUsersDirectory(path, userName)) { throw WorkspaceExceptionManager.createException(80010, path); } @@ -244,8 +246,9 @@ public Message upload( @RequestMapping(path = "/deleteDirOrFile", method = RequestMethod.POST) public Message deleteDirOrFile(HttpServletRequest req, @RequestBody JsonNode json) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); + String path = json.get("path").textValue(); + String userName = ModuleUserUtils.getOperationUser(req, "deleteDirOrFile " + path); if (StringUtils.isEmpty(path)) { throw WorkspaceExceptionManager.createException(80004, path); } @@ -269,10 +272,11 @@ public Message deleteDirOrFile(HttpServletRequest req, @RequestBody JsonNode jso public Message getDirFileTrees( HttpServletRequest req, @RequestParam(value = "path", required = false) String path) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); + if (StringUtils.isEmpty(path)) { throw WorkspaceExceptionManager.createException(80004, path); } + String userName = ModuleUserUtils.getOperationUser(req, "getDirFileTrees " + path); if (!checkIsUsersDirectory(path, userName)) { throw WorkspaceExceptionManager.createException(80010, path); } @@ -324,8 +328,8 @@ public void download( PrintWriter writer = null; try { String charset = json.get("charset"); - String userName = SecurityFilter.getLoginUsername(req); String path = json.get("path"); + String userName = ModuleUserUtils.getOperationUser(req, "download " + path); if (StringUtils.isEmpty(path)) { throw WorkspaceExceptionManager.createException(80004, path); } @@ -376,7 +380,7 @@ public void download( public Message isExist( HttpServletRequest req, @RequestParam(value = "path", required = false) String path) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "isExist " + path); FsPath fsPath = new FsPath(path); if (StringUtils.isEmpty(path)) { throw WorkspaceExceptionManager.createException(80004, path); @@ -394,10 +398,10 @@ public Message fileInfo( @RequestParam(value = "path", required = false) String path, @RequestParam(value = "pageSize", defaultValue = "5000") Integer pageSize) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); if (StringUtils.isEmpty(path)) { throw WorkspaceExceptionManager.createException(80004, path); } + String userName = ModuleUserUtils.getOperationUser(req, "fileInfo " + path); FsPath fsPath = new FsPath(path); FileSystem fileSystem = fsService.getFileSystem(userName, fsPath); // Throws an exception if the file does not have read access(如果文件没读权限,抛出异常) @@ -433,11 +437,12 @@ public Message openFile( @RequestParam(value = "pageSize", defaultValue = "5000") Integer pageSize, @RequestParam(value = "charset", defaultValue = "utf-8") String charset) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); + Message message = Message.ok(); if (StringUtils.isEmpty(path)) { throw WorkspaceExceptionManager.createException(80004, path); } + String userName = ModuleUserUtils.getOperationUser(req, "openFile " + path); if (!checkIsUsersDirectory(path, userName)) { throw WorkspaceExceptionManager.createException(80010, path); } @@ -473,8 +478,8 @@ public Message openFile( @RequestMapping(path = "/saveScript", method = RequestMethod.POST) public Message saveScript(HttpServletRequest req, @RequestBody Map json) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); String path = (String) json.get("path"); + String userName = ModuleUserUtils.getOperationUser(req, "saveScript " + path); if (StringUtils.isEmpty(path)) { throw WorkspaceExceptionManager.createException(80004, path); } @@ -530,7 +535,7 @@ public void resultsetToExcel( PrintWriter writer = null; FileSource fileSource = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "resultsetToExcel " + path); FsPath fsPath = new FsPath(path); FileSystem fileSystem = fsService.getFileSystem(userName, fsPath); boolean isLimitDownloadSize = RESULT_SET_DOWNLOAD_IS_LIMIT.getValue(); @@ -619,7 +624,7 @@ public void resultsetsToExcel( PrintWriter writer = null; FileSource fileSource = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "resultsetsToExcel " + path); FsPath fsPath = new FsPath(path); FileSystem fileSystem = fsService.getFileSystem(userName, fsPath); if (StringUtils.isEmpty(path)) { @@ -688,10 +693,10 @@ public Message formate( @RequestParam(value = "quote", defaultValue = "\"") String quote, @RequestParam(value = "escapeQuotes", defaultValue = "false") Boolean escapeQuotes) throws Exception { - String userName = SecurityFilter.getLoginUsername(req); if (StringUtils.isEmpty(path)) { throw WorkspaceExceptionManager.createException(80004, path); } + String userName = ModuleUserUtils.getOperationUser(req, "formate " + path); if (!checkIsUsersDirectory(path, userName)) { throw WorkspaceExceptionManager.createException(80010, path); } @@ -747,10 +752,10 @@ public Message openLog( @RequestParam(value = "path", required = false) String path, @RequestParam(value = "proxyUser", required = false) String proxyUser) throws IOException, WorkSpaceException { - String userName = SecurityFilter.getLoginUsername(req); if (StringUtils.isEmpty(path)) { throw WorkspaceExceptionManager.createException(80004, path); } + String userName = ModuleUserUtils.getOperationUser(req, "openLog " + path); if (proxyUser != null && WorkspaceUtil.isLogAdmin(userName)) { userName = proxyUser; } diff --git a/linkis-public-enhancements/linkis-publicservice/linkis-script-dev/linkis-storage-script-dev-server/src/main/scala/org/apache/linkis/filesystem/validator/PathValidator.scala b/linkis-public-enhancements/linkis-publicservice/linkis-script-dev/linkis-storage-script-dev-server/src/main/scala/org/apache/linkis/filesystem/validator/PathValidator.scala index 3062991dc0..6d123285ae 100644 --- a/linkis-public-enhancements/linkis-publicservice/linkis-script-dev/linkis-storage-script-dev-server/src/main/scala/org/apache/linkis/filesystem/validator/PathValidator.scala +++ b/linkis-public-enhancements/linkis-publicservice/linkis-script-dev/linkis-storage-script-dev-server/src/main/scala/org/apache/linkis/filesystem/validator/PathValidator.scala @@ -18,7 +18,6 @@ package org.apache.linkis.filesystem.validator import java.io.File - import com.fasterxml.jackson.databind.JsonNode import org.apache.linkis.common.utils.Logging import org.apache.linkis.filesystem.conf.WorkSpaceConfiguration._ @@ -27,7 +26,9 @@ import org.apache.linkis.filesystem.util.WorkspaceUtil import org.apache.linkis.server import org.apache.linkis.server.{Message, catchIt} import org.apache.linkis.server.security.SecurityFilter +import org.apache.linkis.server.utils.ModuleUserUtils import org.apache.linkis.storage.utils.StorageUtils + import javax.servlet.http.{HttpServletRequest, HttpServletResponse} import org.aspectj.lang.ProceedingJoinPoint import org.aspectj.lang.annotation.{Around, Aspect, Pointcut} @@ -68,7 +69,7 @@ class PathValidator extends Logging { case index: Int => { val proxyUser = paramNames.indexOf("proxyUser") if (proxyUser == -1 || StringUtils.isEmpty(args(proxyUser))) { - username = SecurityFilter.getLoginUsername(args(index).asInstanceOf[HttpServletRequest]) + username = ModuleUserUtils.getOperationUser(args(index).asInstanceOf[HttpServletRequest]) } else { //增加proxyuser的判断 username = args(proxyUser).toString diff --git a/linkis-public-enhancements/linkis-publicservice/linkis-udf/linkis-udf-service/src/main/java/org/apache/linkis/udf/api/UDFApi.java b/linkis-public-enhancements/linkis-publicservice/linkis-udf/linkis-udf-service/src/main/java/org/apache/linkis/udf/api/UDFApi.java index 0b94a47f17..155bf7ea42 100644 --- a/linkis-public-enhancements/linkis-publicservice/linkis-udf/linkis-udf-service/src/main/java/org/apache/linkis/udf/api/UDFApi.java +++ b/linkis-public-enhancements/linkis-publicservice/linkis-udf/linkis-udf-service/src/main/java/org/apache/linkis/udf/api/UDFApi.java @@ -18,7 +18,7 @@ package org.apache.linkis.udf.api; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.apache.linkis.udf.entity.UDFInfo; import org.apache.linkis.udf.entity.UDFTree; import org.apache.linkis.udf.excepiton.UDFException; @@ -73,7 +73,7 @@ public class UDFApi { public Message allUDF(HttpServletRequest req, String jsonString) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "get all udfs "); if (!StringUtils.isEmpty(jsonString)) { Map json = mapper.reader(Map.class).readValue(jsonString); String type = (String) json.getOrDefault("type", "self"); @@ -143,7 +143,7 @@ private void fetchUdfInfoRecursively(List allInfo, UDFTree udfTree, S public Message listUDF(HttpServletRequest req, @RequestBody Map json) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "list udfs "); String type = (String) json.getOrDefault("type", SELF_USER); Long treeId = ((Integer) json.getOrDefault("treeId", -1)).longValue(); String category = ((String) json.getOrDefault("category", ALL)); @@ -162,7 +162,7 @@ public Message listUDF(HttpServletRequest req, @RequestBody Map public Message addUDF(HttpServletRequest req, @RequestBody JsonNode json) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "add udf "); UDFAddVo udfvo = mapper.treeToValue(json.get("udfAddVo"), UDFAddVo.class); udfvo.setCreateUser(userName); udfvo.setCreateTime(new Date()); @@ -181,7 +181,7 @@ public Message addUDF(HttpServletRequest req, @RequestBody JsonNode json) { public Message updateUDF(HttpServletRequest req, @RequestBody JsonNode json) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "update udf "); UDFUpdateVo udfUpdateVo = mapper.treeToValue(json.get("udfUpdateVo"), UDFUpdateVo.class); udfService.updateUDF(udfUpdateVo, userName); @@ -196,7 +196,7 @@ public Message updateUDF(HttpServletRequest req, @RequestBody JsonNode json) { @RequestMapping(path = "delete/{id}", method = RequestMethod.POST) public Message deleteUDF(HttpServletRequest req, @PathVariable("id") Long id) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "delete udf " + id); Message message = null; try { verifyOperationUser(userName, id); @@ -214,7 +214,7 @@ public Message isLoad( HttpServletRequest req, @RequestParam(value = "udfId", required = false) Long udfId, @RequestParam(value = "isLoad", required = false) Boolean isLoad) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "isload "); Message message = null; try { if (isLoad) { @@ -232,7 +232,8 @@ public Message isLoad( @RequestMapping(path = "/tree/add", method = RequestMethod.POST) public Message addTree(HttpServletRequest req, @RequestBody UDFTree udfTree) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = + ModuleUserUtils.getOperationUser(req, "add udf tree " + udfTree.getName()); Message message = null; try { udfTree.setCreateTime(new Date()); @@ -251,7 +252,8 @@ public Message addTree(HttpServletRequest req, @RequestBody UDFTree udfTree) { @RequestMapping(path = "/tree/update", method = RequestMethod.POST) public Message updateTree(HttpServletRequest req, @RequestBody UDFTree udfTree) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = + ModuleUserUtils.getOperationUser(req, "update udf tree " + udfTree.getName()); Message message = null; try { udfTree.setUpdateTime(new Date()); @@ -269,7 +271,7 @@ public Message updateTree(HttpServletRequest req, @RequestBody UDFTree udfTree) @RequestMapping(path = "/tree/delete/{id}", method = RequestMethod.GET) public Message deleteTree(HttpServletRequest req, @PathVariable("id") Long id) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "delete udf tree " + id); Message message = null; try { udfTreeService.deleteTree(id, userName); @@ -285,7 +287,7 @@ public Message deleteTree(HttpServletRequest req, @PathVariable("id") Long id) { public Message Authenticate(HttpServletRequest req) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req); if (StringUtils.isEmpty(userName)) { throw new UDFException("UserName is Empty!"); } @@ -307,14 +309,15 @@ public Message Authenticate(HttpServletRequest req) { public Message setExpire(HttpServletRequest req, @RequestBody JsonNode json) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); - if (StringUtils.isEmpty(userName)) { - throw new UDFException("UserName is Empty!"); - } Long udfId = json.get("udfId").longValue(); if (StringUtils.isEmpty(udfId)) { throw new UDFException("udfId is Empty!"); } + String userName = ModuleUserUtils.getOperationUser(req, "set expire udf " + udfId); + if (StringUtils.isEmpty(userName)) { + throw new UDFException("UserName is Empty!"); + } + verifyOperationUser(userName, udfId); udfService.setUdfExpire(udfId, userName); message = Message.ok(); @@ -333,7 +336,7 @@ public Message setExpire(HttpServletRequest req, @RequestBody JsonNode json) { public Message shareUDF(HttpServletRequest req, @RequestBody JsonNode json) throws Throwable { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req); if (StringUtils.isEmpty(userName)) { throw new UDFException("UserName is Empty!"); } @@ -382,7 +385,7 @@ public Message shareUDF(HttpServletRequest req, @RequestBody JsonNode json) thro public Message getSharedUsers(HttpServletRequest req, @RequestBody JsonNode json) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req); if (StringUtils.isEmpty(userName)) { throw new UDFException("UserName is Empty!"); } @@ -408,15 +411,17 @@ public Message getSharedUsers(HttpServletRequest req, @RequestBody JsonNode json public Message handoverUDF(HttpServletRequest req, @RequestBody JsonNode json) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); - if (StringUtils.isEmpty(userName)) { - throw new UDFException("username is empty!"); - } long udfId = json.get("udfId").longValue(); String handoverUser = json.get("handoverUser").textValue(); if (StringUtils.isEmpty(handoverUser)) { throw new UDFException("The handover user can't be null!"); } + String userName = + ModuleUserUtils.getOperationUser( + req, String.join(",", "hand over udf", "" + udfId, handoverUser)); + if (StringUtils.isEmpty(userName)) { + throw new UDFException("username is empty!"); + } UDFInfo udfInfo = verifyOperationUser(userName, udfId); if (udfService.isUDFManager(udfInfo.getCreateUser()) && !udfService.isUDFManager(handoverUser)) { @@ -455,7 +460,7 @@ private UDFInfo verifyOperationUser(String userName, long udfId) throws UDFExcep public Message publishUDF(HttpServletRequest req, @RequestBody JsonNode json) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req); if (StringUtils.isEmpty(userName)) { throw new UDFException("username is empty!"); } @@ -478,7 +483,7 @@ public Message publishUDF(HttpServletRequest req, @RequestBody JsonNode json) { public Message rollbackUDF(HttpServletRequest req, @RequestBody JsonNode json) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req); if (StringUtils.isEmpty(userName)) { throw new UDFException("username is empty!"); } @@ -498,7 +503,7 @@ public Message rollbackUDF(HttpServletRequest req, @RequestBody JsonNode json) { public Message versionList(HttpServletRequest req, @RequestParam("udfId") long udfId) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req); if (StringUtils.isEmpty(userName)) { throw new UDFException("username is empty!"); } @@ -523,7 +528,7 @@ public Message versionList(HttpServletRequest req, @RequestParam("udfId") long u public Message managerPages(HttpServletRequest req, @RequestBody JsonNode jsonNode) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req); if (StringUtils.isEmpty(userName)) { throw new UDFException("username is empty!"); } @@ -560,12 +565,13 @@ public Message managerPages(HttpServletRequest req, @RequestBody JsonNode jsonNo public Message downloadUdf(HttpServletRequest req, @RequestBody JsonNode json) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + + long udfId = json.get("udfId").longValue(); + String version = json.get("version").textValue(); + String userName = ModuleUserUtils.getOperationUser(req, "downloadUdf " + udfId); if (StringUtils.isEmpty(userName)) { throw new UDFException("username is empty!"); } - long udfId = json.get("udfId").longValue(); - String version = json.get("version").textValue(); String content = udfService.downLoadUDF(udfId, version, userName); message = Message.ok(); message.data("content", content); @@ -585,12 +591,13 @@ public void downloadToLocal( BufferedInputStream fis = null; BufferedOutputStream outputStream = null; try { - String userName = SecurityFilter.getLoginUsername(req); + + long udfId = json.get("udfId").longValue(); + String version = json.get("version").textValue(); + String userName = ModuleUserUtils.getOperationUser(req, "downloadUdf " + udfId); if (StringUtils.isEmpty(userName)) { throw new UDFException("username is empty!"); } - long udfId = json.get("udfId").longValue(); - String version = json.get("version").textValue(); DownloadVo downloadVo = udfService.downloadToLocal(udfId, version, userName); is = downloadVo.getInputStream(); fis = new BufferedInputStream(is); @@ -633,7 +640,7 @@ public void downloadToLocal( public Message allUdfUsers(HttpServletRequest req, @RequestBody JsonNode json) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "allUdfUsers "); if (StringUtils.isEmpty(userName)) { throw new UDFException("username is empty!"); } @@ -653,7 +660,7 @@ public Message getUserDirectory( HttpServletRequest req, @RequestParam("category") String category) { Message message = null; try { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "userDirectory "); if (StringUtils.isEmpty(userName)) { throw new UDFException("username is empty!"); } diff --git a/linkis-public-enhancements/linkis-publicservice/linkis-variable/src/main/java/org/apache/linkis/variable/restful/api/VariableRestfulApi.java b/linkis-public-enhancements/linkis-publicservice/linkis-variable/src/main/java/org/apache/linkis/variable/restful/api/VariableRestfulApi.java index e6d0326713..0ff83c63d2 100644 --- a/linkis-public-enhancements/linkis-publicservice/linkis-variable/src/main/java/org/apache/linkis/variable/restful/api/VariableRestfulApi.java +++ b/linkis-public-enhancements/linkis-publicservice/linkis-variable/src/main/java/org/apache/linkis/variable/restful/api/VariableRestfulApi.java @@ -18,7 +18,7 @@ package org.apache.linkis.variable.restful.api; import org.apache.linkis.server.Message; -import org.apache.linkis.server.security.SecurityFilter; +import org.apache.linkis.server.utils.ModuleUserUtils; import org.apache.linkis.variable.entity.VarKeyValueVO; import org.apache.linkis.variable.exception.VariableException; import org.apache.linkis.variable.service.VariableService; @@ -70,7 +70,7 @@ public Message removeGlobalVariable(HttpServletRequest req, JsonNode json) { @RequestMapping(path = "listGlobalVariable", method = RequestMethod.GET) public Message listGlobalVariable(HttpServletRequest req) { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "listGlobalVariable "); List kvs = variableService.listGlobalVariable(userName); return Message.ok().data("globalVariables", kvs); } @@ -78,7 +78,7 @@ public Message listGlobalVariable(HttpServletRequest req) { @RequestMapping(path = "saveGlobalVariable", method = RequestMethod.POST) public Message saveGlobalVariable(HttpServletRequest req, @RequestBody JsonNode json) throws IOException, VariableException { - String userName = SecurityFilter.getLoginUsername(req); + String userName = ModuleUserUtils.getOperationUser(req, "saveGlobalVariable "); List userVariables = variableService.listGlobalVariable(userName); List globalVariables = mapper.treeToValue(json.get("globalVariables"), List.class); variableService.saveGlobalVaraibles(globalVariables, userVariables, userName);