Add SignType
This commit is contained in:
parent
3c9e83372c
commit
79e7a95e62
@ -17,6 +17,7 @@
|
||||
package com.alibaba.nacos.auth.annotation;
|
||||
|
||||
import com.alibaba.nacos.auth.constant.ActionTypes;
|
||||
import com.alibaba.nacos.auth.constant.SignType;
|
||||
import com.alibaba.nacos.auth.parser.DefaultResourceParser;
|
||||
import com.alibaba.nacos.auth.parser.ResourceParser;
|
||||
import com.alibaba.nacos.common.utils.StringUtils;
|
||||
@ -49,9 +50,17 @@ public @interface Secured {
|
||||
String resource() default StringUtils.EMPTY;
|
||||
|
||||
/**
|
||||
* Resource name parser. Should have lower priority than resource().
|
||||
* The module of resource related to the request.
|
||||
*
|
||||
* @return module name
|
||||
*/
|
||||
String signType() default SignType.NAMING;
|
||||
|
||||
/**
|
||||
* Custom resource parser. Should have lower priority than resource().
|
||||
*
|
||||
* @return class type of resource parser
|
||||
*/
|
||||
@Deprecated
|
||||
Class<? extends ResourceParser> parser() default DefaultResourceParser.class;
|
||||
}
|
||||
|
@ -0,0 +1,31 @@
|
||||
/*
|
||||
* Copyright 1999-2021 Alibaba Group Holding Ltd.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.alibaba.nacos.auth.constant;
|
||||
|
||||
/**
|
||||
* Auth sign type.
|
||||
*
|
||||
* @author xiweng.yy
|
||||
*/
|
||||
public class SignType {
|
||||
|
||||
public static final String NAMING = "naming";
|
||||
|
||||
public static final String CONFIG = "config";
|
||||
|
||||
public static final String CONSOLE = "console";
|
||||
}
|
@ -20,6 +20,7 @@ import com.alibaba.nacos.api.config.ConfigType;
|
||||
import com.alibaba.nacos.api.exception.NacosException;
|
||||
import com.alibaba.nacos.auth.annotation.Secured;
|
||||
import com.alibaba.nacos.auth.constant.ActionTypes;
|
||||
import com.alibaba.nacos.auth.constant.SignType;
|
||||
import com.alibaba.nacos.common.model.RestResult;
|
||||
import com.alibaba.nacos.common.model.RestResultUtils;
|
||||
import com.alibaba.nacos.common.utils.DateFormatUtils;
|
||||
@ -117,7 +118,7 @@ public class ConfigController {
|
||||
* @throws NacosException NacosException.
|
||||
*/
|
||||
@PostMapping
|
||||
@Secured(action = ActionTypes.WRITE, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.WRITE, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public Boolean publishConfig(HttpServletRequest request, HttpServletResponse response,
|
||||
@RequestParam(value = "dataId") String dataId, @RequestParam(value = "group") String group,
|
||||
@RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant,
|
||||
@ -191,7 +192,7 @@ public class ConfigController {
|
||||
* @throws NacosException NacosException.
|
||||
*/
|
||||
@GetMapping
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public void getConfig(HttpServletRequest request, HttpServletResponse response,
|
||||
@RequestParam("dataId") String dataId, @RequestParam("group") String group,
|
||||
@RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant,
|
||||
@ -215,7 +216,7 @@ public class ConfigController {
|
||||
* @throws NacosException NacosException.
|
||||
*/
|
||||
@GetMapping(params = "show=all")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public ConfigAllInfo detailConfigInfo(HttpServletRequest request, HttpServletResponse response,
|
||||
@RequestParam("dataId") String dataId, @RequestParam("group") String group,
|
||||
@RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant)
|
||||
@ -233,7 +234,7 @@ public class ConfigController {
|
||||
* @throws NacosException NacosException.
|
||||
*/
|
||||
@DeleteMapping
|
||||
@Secured(action = ActionTypes.WRITE, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.WRITE, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public Boolean deleteConfig(HttpServletRequest request, HttpServletResponse response,
|
||||
@RequestParam("dataId") String dataId, @RequestParam("group") String group,
|
||||
@RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant,
|
||||
@ -267,7 +268,7 @@ public class ConfigController {
|
||||
* @Param [request, response, dataId, group, tenant, tag]
|
||||
*/
|
||||
@DeleteMapping(params = "delType=ids")
|
||||
@Secured(action = ActionTypes.WRITE, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.WRITE, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public RestResult<Boolean> deleteConfigs(HttpServletRequest request, HttpServletResponse response,
|
||||
@RequestParam(value = "ids") List<Long> ids) {
|
||||
String clientIp = RequestUtil.getRemoteIp(request);
|
||||
@ -288,7 +289,7 @@ public class ConfigController {
|
||||
}
|
||||
|
||||
@GetMapping("/catalog")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public RestResult<ConfigAdvanceInfo> getConfigAdvanceInfo(@RequestParam("dataId") String dataId,
|
||||
@RequestParam("group") String group,
|
||||
@RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant) {
|
||||
@ -300,7 +301,7 @@ public class ConfigController {
|
||||
* The client listens for configuration changes.
|
||||
*/
|
||||
@PostMapping("/listener")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public void listener(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
|
||||
@ -328,7 +329,7 @@ public class ConfigController {
|
||||
* Subscribe to configured client information.
|
||||
*/
|
||||
@GetMapping("/listener")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public GroupkeyListenserStatus getListeners(@RequestParam("dataId") String dataId,
|
||||
@RequestParam("group") String group, @RequestParam(value = "tenant", required = false) String tenant,
|
||||
@RequestParam(value = "sampleTime", required = false, defaultValue = "1") int sampleTime) throws Exception {
|
||||
@ -346,7 +347,7 @@ public class ConfigController {
|
||||
* Query the configuration information and return it in JSON format.
|
||||
*/
|
||||
@GetMapping(params = "search=accurate")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public Page<ConfigInfo> searchConfig(@RequestParam("dataId") String dataId, @RequestParam("group") String group,
|
||||
@RequestParam(value = "appName", required = false) String appName,
|
||||
@RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant,
|
||||
@ -373,7 +374,7 @@ public class ConfigController {
|
||||
* and group are NULL, but content is not NULL. In this case, all configurations are returned.
|
||||
*/
|
||||
@GetMapping(params = "search=blur")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public Page<ConfigInfo> fuzzySearchConfig(@RequestParam("dataId") String dataId,
|
||||
@RequestParam("group") String group, @RequestParam(value = "appName", required = false) String appName,
|
||||
@RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant,
|
||||
@ -404,7 +405,7 @@ public class ConfigController {
|
||||
* @return Execute to operate result.
|
||||
*/
|
||||
@DeleteMapping(params = "beta=true")
|
||||
@Secured(action = ActionTypes.WRITE, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.WRITE, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public RestResult<Boolean> stopBeta(@RequestParam(value = "dataId") String dataId,
|
||||
@RequestParam(value = "group") String group,
|
||||
@RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant) {
|
||||
@ -428,7 +429,7 @@ public class ConfigController {
|
||||
* @return RestResult for ConfigInfo4Beta.
|
||||
*/
|
||||
@GetMapping(params = "beta=true")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public RestResult<ConfigInfo4Beta> queryBeta(@RequestParam(value = "dataId") String dataId,
|
||||
@RequestParam(value = "group") String group,
|
||||
@RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant) {
|
||||
@ -452,7 +453,7 @@ public class ConfigController {
|
||||
* @return ResponseEntity.
|
||||
*/
|
||||
@GetMapping(params = "export=true")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public ResponseEntity<byte[]> exportConfig(@RequestParam(value = "dataId", required = false) String dataId,
|
||||
@RequestParam(value = "group", required = false) String group,
|
||||
@RequestParam(value = "appName", required = false) String appName,
|
||||
@ -504,7 +505,7 @@ public class ConfigController {
|
||||
* @return ResponseEntity.
|
||||
*/
|
||||
@GetMapping(params = "exportV2=true")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public ResponseEntity<byte[]> exportConfigV2(@RequestParam(value = "dataId", required = false) String dataId,
|
||||
@RequestParam(value = "group", required = false) String group,
|
||||
@RequestParam(value = "appName", required = false) String appName,
|
||||
@ -551,7 +552,7 @@ public class ConfigController {
|
||||
* @throws NacosException NacosException.
|
||||
*/
|
||||
@PostMapping(params = "import=true")
|
||||
@Secured(action = ActionTypes.WRITE, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.WRITE, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public RestResult<Map<String, Object>> importAndPublishConfig(HttpServletRequest request,
|
||||
@RequestParam(value = "src_user", required = false) String srcUser,
|
||||
@RequestParam(value = "namespace", required = false) String namespace,
|
||||
@ -775,7 +776,7 @@ public class ConfigController {
|
||||
* @throws NacosException NacosException.
|
||||
*/
|
||||
@PostMapping(params = "clone=true")
|
||||
@Secured(action = ActionTypes.WRITE, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.WRITE, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public RestResult<Map<String, Object>> cloneConfig(HttpServletRequest request,
|
||||
@RequestParam(value = "src_user", required = false) String srcUser,
|
||||
@RequestParam(value = "tenant", required = true) String namespace,
|
||||
|
@ -18,6 +18,7 @@ package com.alibaba.nacos.config.server.controller;
|
||||
|
||||
import com.alibaba.nacos.auth.annotation.Secured;
|
||||
import com.alibaba.nacos.auth.constant.ActionTypes;
|
||||
import com.alibaba.nacos.auth.constant.SignType;
|
||||
import com.alibaba.nacos.auth.exception.AccessException;
|
||||
import com.alibaba.nacos.common.utils.NamespaceUtil;
|
||||
import com.alibaba.nacos.config.server.auth.ConfigResourceParser;
|
||||
@ -65,7 +66,7 @@ public class HistoryController {
|
||||
* @return the page of history config.
|
||||
*/
|
||||
@GetMapping(params = "search=accurate")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public Page<ConfigHistoryInfo> listConfigHistory(@RequestParam("dataId") String dataId,
|
||||
@RequestParam("group") String group,
|
||||
@RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant,
|
||||
@ -92,7 +93,7 @@ public class HistoryController {
|
||||
* @return history config info
|
||||
*/
|
||||
@GetMapping
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public ConfigHistoryInfo getConfigHistoryInfo(@RequestParam("dataId") String dataId, @RequestParam("group") String group,
|
||||
@RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant, @RequestParam("nid") Long nid)
|
||||
throws AccessException {
|
||||
@ -135,7 +136,7 @@ public class HistoryController {
|
||||
* @since 1.4.0
|
||||
*/
|
||||
@GetMapping(value = "/previous")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public ConfigHistoryInfo getPreviousConfigHistoryInfo(@RequestParam("dataId") String dataId, @RequestParam("group") String group,
|
||||
@RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant, @RequestParam("id") Long id)
|
||||
throws AccessException {
|
||||
@ -155,7 +156,7 @@ public class HistoryController {
|
||||
* @return list
|
||||
*/
|
||||
@GetMapping(value = "/configs")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public List<ConfigInfoWrapper> getDataIds(@RequestParam("tenant") String tenant) {
|
||||
// check tenant
|
||||
ParamUtils.checkTenant(tenant);
|
||||
|
@ -23,6 +23,7 @@ import com.alibaba.nacos.api.exception.NacosException;
|
||||
import com.alibaba.nacos.api.remote.request.RequestMeta;
|
||||
import com.alibaba.nacos.auth.annotation.Secured;
|
||||
import com.alibaba.nacos.auth.constant.ActionTypes;
|
||||
import com.alibaba.nacos.auth.constant.SignType;
|
||||
import com.alibaba.nacos.config.server.auth.ConfigResourceParser;
|
||||
import com.alibaba.nacos.config.server.service.ConfigCacheService;
|
||||
import com.alibaba.nacos.config.server.utils.GroupKey2;
|
||||
@ -47,7 +48,7 @@ public class ConfigChangeBatchListenRequestHandler
|
||||
|
||||
@Override
|
||||
@TpsControl(pointName = "ConfigListen")
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public ConfigChangeBatchListenResponse handle(ConfigBatchListenRequest configChangeListenRequest, RequestMeta meta)
|
||||
throws NacosException {
|
||||
String connectionId = StringPool.get(meta.getConnectionId());
|
||||
|
@ -23,6 +23,7 @@ import com.alibaba.nacos.api.remote.request.RequestMeta;
|
||||
import com.alibaba.nacos.api.remote.response.ResponseCode;
|
||||
import com.alibaba.nacos.auth.annotation.Secured;
|
||||
import com.alibaba.nacos.auth.constant.ActionTypes;
|
||||
import com.alibaba.nacos.auth.constant.SignType;
|
||||
import com.alibaba.nacos.common.utils.MapUtil;
|
||||
import com.alibaba.nacos.config.server.auth.ConfigResourceParser;
|
||||
import com.alibaba.nacos.config.server.model.ConfigInfo;
|
||||
@ -62,7 +63,7 @@ public class ConfigPublishRequestHandler extends RequestHandler<ConfigPublishReq
|
||||
@Override
|
||||
@TpsControl(pointName = "ConfigPublish", parsers = {ConfigPublishGroupKeyParser.class,
|
||||
ConfigPublishGroupParser.class})
|
||||
@Secured(action = ActionTypes.WRITE, resource = "", parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.WRITE, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public ConfigPublishResponse handle(ConfigPublishRequest request, RequestMeta meta) throws NacosException {
|
||||
|
||||
try {
|
||||
|
@ -23,6 +23,7 @@ import com.alibaba.nacos.api.remote.request.RequestMeta;
|
||||
import com.alibaba.nacos.api.remote.response.ResponseCode;
|
||||
import com.alibaba.nacos.auth.annotation.Secured;
|
||||
import com.alibaba.nacos.auth.constant.ActionTypes;
|
||||
import com.alibaba.nacos.auth.constant.SignType;
|
||||
import com.alibaba.nacos.config.server.auth.ConfigResourceParser;
|
||||
import com.alibaba.nacos.config.server.constant.Constants;
|
||||
import com.alibaba.nacos.config.server.model.CacheItem;
|
||||
@ -70,7 +71,7 @@ public class ConfigQueryRequestHandler extends RequestHandler<ConfigQueryRequest
|
||||
|
||||
@Override
|
||||
@TpsControl(pointName = "ConfigQuery", parsers = {ConfigQueryGroupKeyParser.class, ConfigQueryGroupParser.class})
|
||||
@Secured(action = ActionTypes.READ, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.READ, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public ConfigQueryResponse handle(ConfigQueryRequest request, RequestMeta meta) throws NacosException {
|
||||
|
||||
try {
|
||||
|
@ -22,6 +22,7 @@ import com.alibaba.nacos.api.exception.NacosException;
|
||||
import com.alibaba.nacos.api.remote.request.RequestMeta;
|
||||
import com.alibaba.nacos.auth.annotation.Secured;
|
||||
import com.alibaba.nacos.auth.constant.ActionTypes;
|
||||
import com.alibaba.nacos.auth.constant.SignType;
|
||||
import com.alibaba.nacos.config.server.auth.ConfigResourceParser;
|
||||
import com.alibaba.nacos.config.server.model.event.ConfigDataChangeEvent;
|
||||
import com.alibaba.nacos.config.server.service.ConfigChangePublisher;
|
||||
@ -54,7 +55,7 @@ public class ConfigRemoveRequestHandler extends RequestHandler<ConfigRemoveReque
|
||||
|
||||
@Override
|
||||
@TpsControl(pointName = "ConfigRemove")
|
||||
@Secured(action = ActionTypes.WRITE, parser = ConfigResourceParser.class)
|
||||
@Secured(action = ActionTypes.WRITE, signType = SignType.CONFIG, parser = ConfigResourceParser.class)
|
||||
public ConfigRemoveResponse handle(ConfigRemoveRequest configRemoveRequest, RequestMeta meta)
|
||||
throws NacosException {
|
||||
// check tenant
|
||||
|
@ -50,8 +50,7 @@ public class SubscribeServiceRequestHandler extends RequestHandler<SubscribeServ
|
||||
|
||||
private final EphemeralClientOperationServiceImpl clientOperationService;
|
||||
|
||||
public SubscribeServiceRequestHandler(ServiceStorage serviceStorage,
|
||||
NamingMetadataManager metadataManager,
|
||||
public SubscribeServiceRequestHandler(ServiceStorage serviceStorage, NamingMetadataManager metadataManager,
|
||||
EphemeralClientOperationServiceImpl clientOperationService) {
|
||||
this.serviceStorage = serviceStorage;
|
||||
this.metadataManager = metadataManager;
|
||||
@ -67,8 +66,8 @@ public class SubscribeServiceRequestHandler extends RequestHandler<SubscribeServ
|
||||
String app = request.getHeader("app", "unknown");
|
||||
String groupedServiceName = NamingUtils.getGroupedName(serviceName, groupName);
|
||||
Service service = Service.newService(namespaceId, groupName, serviceName, true);
|
||||
Subscriber subscriber = new Subscriber(meta.getClientIp(), meta.getClientVersion(), app,
|
||||
meta.getClientIp(), namespaceId, groupedServiceName, 0, request.getClusters());
|
||||
Subscriber subscriber = new Subscriber(meta.getClientIp(), meta.getClientVersion(), app, meta.getClientIp(),
|
||||
namespaceId, groupedServiceName, 0, request.getClusters());
|
||||
ServiceInfo serviceInfo = ServiceUtil.selectInstancesWithHealthyProtection(serviceStorage.getData(service),
|
||||
metadataManager.getServiceMetadata(service).orElse(null), subscriber);
|
||||
if (request.isSubscribe()) {
|
||||
|
Loading…
Reference in New Issue
Block a user