-
Notifications
You must be signed in to change notification settings - Fork 10
/
鉴权流程图
295 lines (295 loc) · 29.1 KB
/
鉴权流程图
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
<mxfile host="app.diagrams.net" modified="2021-12-22T08:45:51.772Z" agent="5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36" etag="4RRS-WXkrmELbgeyG4DD" version="15.8.7" type="github">
<diagram id="KHTxeZb80fiqxAxIxDZ8" name="Page-1">
<mxGraphModel dx="1438" dy="640" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="M7zj4PXyI5NjYx9-QAcN-3" value="AliyunAuthManager.auth" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="230" y="480" width="180" height="40" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-1" value="服务端根据传递过来的request中的信息,拼接resource" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="155" y="110" width="330" height="40" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-2" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="wHWeom3NAk1b6IJDoaqx-1" target="wHWeom3NAk1b6IJDoaqx-7" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="365" y="310" as="sourcePoint" />
<mxPoint x="320" y="200" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-3" value="校验signature" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="260" y="270" width="120" height="40" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-6" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="wHWeom3NAk1b6IJDoaqx-3" target="M7zj4PXyI5NjYx9-QAcN-3" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="580" y="360" as="sourcePoint" />
<mxPoint x="630" y="310" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-7" value="从方法的标注上拿取action信息" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="220" y="190" width="200" height="40" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-8" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="wHWeom3NAk1b6IJDoaqx-7" target="wHWeom3NAk1b6IJDoaqx-3" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="520" y="290" as="sourcePoint" />
<mxPoint x="570" y="240" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-9" value="AuthService.hasAdminPermission<br>查看是否具有admin权限" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="470" y="375" width="220" height="50" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-11" value="AuthService.checkPermission(accessKey, permission.getResource(), permission.getAction(), ip) 查询是否具有指定resource和action的权限" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="450" y="565" width="260" height="60" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-12" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="wHWeom3NAk1b6IJDoaqx-9" target="wHWeom3NAk1b6IJDoaqx-11" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="720" y="585" as="sourcePoint" />
<mxPoint x="770" y="535" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-14" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="410" y="365" width="50" height="270" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-16" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="710" y="482.5" width="20" height="225" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-18" value="AuthResourceService.checkPermissionAdapter" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="750" y="565" width="270" height="60" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-19" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1020" y="502.5" width="20" height="897.5" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-20" value="RamPermissionService.hasPermission" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1040" y="565" width="240" height="60" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-21" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1281" y="240" width="20" height="720" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-22" value="AuthFilter.doFilter" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="10" y="355" width="120" height="60" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-23" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="130" y="110" width="20" height="550" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-24" value="parse2MseRamPolicy" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1322" y="392.5" width="220" height="35" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-25" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1542" y="190" width="20" height="440" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-26" value="<p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">从ram远程拉取policy</p><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">policyString = ramService.getPolicyString(parentUid, subuserId);</p>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1563" y="197.5" width="449" height="51" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-27" value="<p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;pingfang sc&#34;">如果有<span class="s1" style="font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">admin</span>权限,就直接返回<span class="s1" style="font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">true</span></p>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;strokeColor=none;" parent="1" vertex="1">
<mxGeometry x="450" y="470" width="240" height="60" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-28" value="<p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">遍历policy里面的每一个Statement,从中拿出来resource和action</p>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1610.75" y="309" width="353.5" height="51" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-29" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;" parent="1" source="wHWeom3NAk1b6IJDoaqx-26" target="wHWeom3NAk1b6IJDoaqx-28" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1451" y="177.5" as="sourcePoint" />
<mxPoint x="1501" y="127.5" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-30" value="将action转化为引擎侧支持的类型<br><span style="font-family: &#34;helvetica neue&#34;">ActionTypes actionType = getActionType(action);</span>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#EA6B66;" parent="1" vertex="1">
<mxGeometry x="1595.75" y="419.5" width="383.5" height="45" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-31" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="wHWeom3NAk1b6IJDoaqx-28" target="wHWeom3NAk1b6IJDoaqx-30" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1781" y="587.5" as="sourcePoint" />
<mxPoint x="1831" y="537.5" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-32" value="返回一个规范化的<span style="font-family: &#34;helvetica neue&#34;">MseRamPolicy</span>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;strokeColor=#000000;" parent="1" vertex="1">
<mxGeometry x="1672.5" y="527.5" width="230" height="60" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-33" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="wHWeom3NAk1b6IJDoaqx-30" target="wHWeom3NAk1b6IJDoaqx-32" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1311" y="227.5" as="sourcePoint" />
<mxPoint x="1361" y="177.5" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-34" value="进行鉴别<br><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">evaluate(permissionRequest, mseRamPolicy, actionType, PolicyEffect.<i>ALLOW</i>))</p><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">将Policy中所有的Statement都遍历一遍</p>" style="rounded=0;whiteSpace=wrap;html=1;strokeColor=#000000;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1312.5" y="855" width="239" height="90" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-35" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;" parent="1" source="wHWeom3NAk1b6IJDoaqx-24" target="wHWeom3NAk1b6IJDoaqx-34" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1181" y="797.5" as="sourcePoint" />
<mxPoint x="1231" y="747.5" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-36" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;strokeColor=#000000;fillColor=none;size=0.5;" parent="1" vertex="1">
<mxGeometry x="1551.5" y="860" width="20" height="90" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-38" value="<p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">evaluate(mseResource, permissionRequest)</p>" style="rounded=0;whiteSpace=wrap;html=1;strokeColor=#000000;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1571.5" y="875" width="270" height="60" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-39" value="先从本地拿出”我属于的instance_id,和Ram上配置的进行比对" style="rounded=0;whiteSpace=wrap;html=1;strokeColor=#000000;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1872.5" y="720" width="367.5" height="60" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-41" value="再从请求中拿出"tenant",和Ram上配置的进行比对" style="rounded=0;whiteSpace=wrap;html=1;strokeColor=#000000;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1872.5" y="820" width="366.25" height="60" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-43" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;" parent="1" source="wHWeom3NAk1b6IJDoaqx-39" target="wHWeom3NAk1b6IJDoaqx-41" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="2458.75" y="920" as="sourcePoint" />
<mxPoint x="2508.75" y="870" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-44" value="再从请求中拿出"group",和Ram上配置的进行比对" style="rounded=0;whiteSpace=wrap;html=1;strokeColor=#000000;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1870" y="920" width="370" height="60" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-45" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;" parent="1" source="wHWeom3NAk1b6IJDoaqx-41" target="wHWeom3NAk1b6IJDoaqx-44" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="2368.75" y="960" as="sourcePoint" />
<mxPoint x="2418.75" y="910" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-46" value="<span>再从请求中拿出"dataId",和Ram上配置的进行比对</span>" style="rounded=0;whiteSpace=wrap;html=1;strokeColor=#000000;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1872.75" y="1030" width="366" height="60" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-47" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;" parent="1" source="wHWeom3NAk1b6IJDoaqx-44" target="wHWeom3NAk1b6IJDoaqx-46" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="2368.75" y="1030" as="sourcePoint" />
<mxPoint x="2418.75" y="980" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-48" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;strokeColor=#000000;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1841.5" y="722.5" width="20" height="365" as="geometry" />
</mxCell>
<mxCell id="wHWeom3NAk1b6IJDoaqx-49" value="AuthResourceService.isResourceOwner(account.getParentUserId())<br>判断这个resource是不是属于相应的父账号的。" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="1046" y="1310" width="390" height="60" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-1" value="从Pop请求中创建resource列表<br>RamClient.<b>createResourceList</b><br><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">action:ListClusters</p><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">resource:acs:mse:cn-hangzhou:1917515276707555:*</p>" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1375" y="1555" width="260" height="70" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-2" value="RamClient进行authorize" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1100" y="1690" width="120" height="60" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-3" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;" parent="1" vertex="1">
<mxGeometry x="1220" y="1505" width="20" height="430" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-5" value="<p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">RamClient进行</p><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">authorizePopRoaRequest</p>" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="880" y="1680" width="200" height="70" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-6" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;" parent="1" vertex="1">
<mxGeometry x="1080" y="1660" width="20" height="120" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-7" value="RamPrivilegeFilter.doFilter" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="280" y="2065" width="180" height="60" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-8" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;" parent="1" vertex="1">
<mxGeometry x="460" y="1715" width="20" height="590" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-9" value="<p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">#58</p><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">ramService.checkPermission(request);</p>" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="490" y="1685" width="230" height="60" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-11" value="RamClient进行<br><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">checkPermission</p>" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="740" y="1685" width="120" height="60" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-12" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;" parent="1" vertex="1">
<mxGeometry x="860" y="1655" width="20" height="120" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-13" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;" parent="1" vertex="1">
<mxGeometry x="720" y="1650" width="20" height="120" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-14" value="从Pop请求构造发往ram那边的请求<br><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">Map&lt;String, RamAuthRequest&gt; authRequestMap = createFromHttpRequest(popRequest, resourceList, ramAction);</p>" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1345" y="1680" width="320" height="70" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-15" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="pqcLXYTxen4A3keMg3qM-1" target="pqcLXYTxen4A3keMg3qM-14" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1423" y="1925" as="sourcePoint" />
<mxPoint x="1473" y="1875" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-18" value="<p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">查询这个子账号是否有这个东西的权限</p><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">batchCheckPermissionForSubUser(<i>ramAuthChecker</i>, authRequestMap,</p><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;"><span class="Apple-converted-space">&nbsp; &nbsp; </span>Long.<i>parseLong</i>(callerParentId),</p><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;"><span class="Apple-converted-space">&nbsp; &nbsp; </span>Long.<i>parseLong</i>(callerUid));</p>" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1250" y="1850" width="510" height="90" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-19" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;" parent="1" source="pqcLXYTxen4A3keMg3qM-14" target="pqcLXYTxen4A3keMg3qM-18" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1480" y="1800" as="sourcePoint" />
<mxPoint x="1630" y="2000" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-21" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;" parent="1" vertex="1">
<mxGeometry x="1760" y="1835" width="20" height="120" as="geometry" />
</mxCell>
<mxCell id="pqcLXYTxen4A3keMg3qM-22" value="逐个resource检查是否同意继续<br><p class="p1" style="margin: 0px ; font-stretch: normal ; line-height: normal ; font-family: &#34;helvetica neue&#34;">ramAuthChecker.checkPermissonForSubUser</p>" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1782.5" y="1865" width="257.5" height="60" as="geometry" />
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-1" value="Pod内置地址服务器(nginx)" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="400" y="2793" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-2" value="" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="310" y="2778" width="660" height="145" as="geometry" />
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-3" value="" style="endArrow=classic;html=1;rounded=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;exitX=0.331;exitY=1;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="gCd5b2alUJLPQK7ABECl-8">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="485" y="2723" as="sourcePoint" />
<mxPoint x="485" y="2793" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-6" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.71;exitY=-0.033;exitDx=0;exitDy=0;exitPerimeter=0;entryX=0.449;entryY=0.983;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" target="gCd5b2alUJLPQK7ABECl-8">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="527" y="2791.02" as="sourcePoint" />
<mxPoint x="527" y="2690" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-7" value="SLB的地址" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;strokeColor=none;" vertex="1" parent="1">
<mxGeometry x="540" y="2690.5" width="80" height="40" as="geometry" />
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-8" value="SLB" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="370" y="2591" width="350" height="60" as="geometry" />
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-9" value="Nacos" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="720" y="2793" width="230" height="60" as="geometry" />
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-10" value="" style="endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.75;exitDx=0;exitDy=0;entryX=0.461;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="gCd5b2alUJLPQK7ABECl-8" target="gCd5b2alUJLPQK7ABECl-9">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="810" y="2743" as="sourcePoint" />
<mxPoint x="860" y="2693" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-11" value="请求2" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;strokeColor=none;" vertex="1" parent="1">
<mxGeometry x="710" y="2733" width="70" height="30" as="geometry" />
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-13" value="Nacos节点Pod" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;strokeColor=none;" vertex="1" parent="1">
<mxGeometry x="600" y="2863" width="120" height="60" as="geometry" />
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-15" value="Diamond客户端" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="370" y="2390" width="350" height="60" as="geometry" />
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-16" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.71;exitY=-0.033;exitDx=0;exitDy=0;exitPerimeter=0;entryX=0.449;entryY=0.983;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="530" y="2591" as="sourcePoint" />
<mxPoint x="530.1500000000001" y="2449.96" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-17" value="" style="endArrow=classic;html=1;rounded=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;exitX=0.331;exitY=1;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="485.8499999999999" y="2449" as="sourcePoint" />
<mxPoint x="485" y="2591" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-18" value="<div>请求1:</div><div>curl '${mse_addr}:8080/diamond-server/diamond'</div><div>尝试访问diamond地址服务器</div>" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;strokeColor=none;" vertex="1" parent="1">
<mxGeometry x="280" y="2480" width="210" height="55" as="geometry" />
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-20" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.806;exitY=1.017;exitDx=0;exitDy=0;entryX=0.937;entryY=-0.033;entryDx=0;entryDy=0;entryPerimeter=0;exitPerimeter=0;" edge="1" parent="1" source="gCd5b2alUJLPQK7ABECl-15" target="gCd5b2alUJLPQK7ABECl-8">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="827" y="2550" as="sourcePoint" />
<mxPoint x="933.0300000000002" y="2707" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-21" value="请求2:<br>进行Diamond业务请求" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;strokeColor=none;" vertex="1" parent="1">
<mxGeometry x="670" y="2480" width="140" height="30" as="geometry" />
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-22" value="请求1" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;strokeColor=none;" vertex="1" parent="1">
<mxGeometry x="400" y="2710" width="70" height="30" as="geometry" />
</mxCell>
<mxCell id="gCd5b2alUJLPQK7ABECl-23" value="通过HTTP报文中的HOST字段,获取SLB地址" style="rounded=0;whiteSpace=wrap;html=1;fillColor=none;strokeColor=none;" vertex="1" parent="1">
<mxGeometry x="440" y="2853" width="120" height="60" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>